image
        description Invest
Map
:

Privacy Policy

Privacy Policy Statement of

a Non-Profit Unitary Organization –

Fund "Investment Promotion Agency of the Samara Region"

concerning personal data processing

  1. INTRODUCTION


    1. Ensuring confidentiality and safeness of the personal data processing in the Non-Profit Unitary Organization – Fund “Investment Promotion Agency of the Samara Region” (further on – Agency) is one of the prior tasks of the Agency.

For these purposes within the Agency there is brought into force a set of organizational/management documentation binding all staff members eligible to personal data processing.

Processing, storing and ensuring confidentiality and security of the personal data is carried out in conformity with the Federal Law 152-FZ, dated 27 July 2006, “On personal data” and other regulatory legal acts of the Russian Federation on personal data security and local regulatory acts of the Agency.

This Privacy Policy Statement defines the order, principles and conditions of personal data processing of Agency staff members and Agency service consumers whose personal data is processed by the Agency with the objective of ensuring protection of human and civil rights and freedoms when processing his personal data, including protection of his rights to personal and family privacy. According to this Privacy Policy Statement the Agency officials eligible to personal data processing are responsible for non-fulfillment of the regulation requirements on personal data processing and protecting.

This Privacy Policy Statement applies to all information that the Agency located on domain name www.investinsamara.ru (further on – website) can receive about the subject of personal data (the user, the client) in the process of using the website, Agency’s services, programs and products.

The consent of the subject of the personal data (the user, the client) to personal data processing given in conformity with this Privacy Policy Statement within using the website applies to all website services.

Using the website by the subject of personal data (the user, the client) implies the user’s consent to this Privacy Policy Statement and terms and conditions or personal data processing.

In case of dissent with this Privacy Policy Statement the subject of personal data (the user, the client) has to stop using the website in the sections where submission / issuing of the personal data to the Agency is required.

The Agency is not obliged to check the reliability of the personal data submitted by the subject of personal data (the user, the client) in the process of using the website.

1.2. Personal data processing is carried out in conformity with the following principles:

1) Processing of personal data is carried out on reasonable and lawful basis;

2) Processing of personal data is limited to achieving particular, pre-defined, lawful purposes. Processing of personal data with the purpose of collecting personal data is forbidden:

3) Alliance of databases containing personal data processed in incompatible purposes is not allowed;

4) The personal data is going to be processed only if it corresponds to the purposes of processing;

5) Content and amount of processed personal data corresponds to the stated purposes of processing. Processed personal data are not superfluous in relation to the stated purposes of processing;

6) When processing personal data the accuracy of personal data, adequacy and, in certain cases, relevance in relation to the stated purposes of their processing is provided;

7) Storage of personal data is carried out in the form allowing to define the subject of personal data not longer than it is required by the purposes of personal data processing if storage time of the personal data is not set by the federal law or by the contract where the subject of the personal data (the user, the client) appears as a contractor, beneficiary or guarantor. Processed personal data are liable for destruction or depersonalization on reaching the purposes of processing or in case of loss of need of achieving these purposes if other is not provided by the federal law.


2. DEFINITION OF TERMS


2.1. For the purposes of this Privacy Policy Statement the following terms are used:

2.1.1. Personal data – any information relating directly or indirectly to the certain or to the defined individual (the subject of personal data);

2.1.2. The operator – the juridical person that organizes and (or) carries out personal data processing independently or in collaboration with other persons. The operator also defines the purposes of personal data processing, personal details to be processed, actions (operations) made with personal data;

2.1.3. Personal data processing – any action (operation) or set of actions (operations) made with or without the use of the automation equipment over the personal data, including collecting, recording, systematization, accumulation, storage, specification (updating, changing), extraction, using, transferring (distribution, granting, access), depersonalization, blocking, removal, destruction of the personal data;

2.1.4. Confidentiality of personal data – the requirement that forbids the distribution of personal data without the consent of the subject of personal data or existence of other legal basis obligatory for observance by the Operator or by the other officials eligible to personal data processing;

2.1.5. The subject of personal data (the user, the client) – the person that has access to the website by means of the Internet and uses the website;


3. POLICY SUBJECT


3.1. This Privacy Policy Statement establishes Operator obligations for nondisclosure and protection of confidentiality of the personal data which the subject of personal data (the user, the client) provides in result of the request of the Operator when using the website.

3.2. The personal data consented for processing within the real Privacy Policy Statement are provided by the subject of personal data (the user, the client) by filling in the form on the website in the section "Investor steps" and include the following information:

- second name;

- first name;

- paternal name;

- contact telephone number;

- e-mail.

3.3. Personal data specified in item 3.2. is liable for secure storage and non-proliferation, except for the cases provided in items 5.2. of this Privacy Policy Statement.


4. PURPOSES OF COLLECTING OF THE PERSONAL INFORMATION OF THE SUBJECT OF PERSONAL DATA


4.1. The Operator can use the personal data of the subject of personal data (the user, the client) in order to establish with the subject of personal data (the user, the client) the feedback (processing of electronic requests and issuing / providing the answer) including the mailing of the newsletters of the website, news ads and partner commercial news of the Agency.


5. WAYS AND TERMS OF PROCESSING OF THE PERSONAL DATA


5.1. Processing of the User’s personal data is carried out without limit of time in any lawful ways with the help of or without the automation equipment.

5.2. The subject of the personal data (the user, the client) agrees that the Operator has the right to transfer personal data to the third parties, in particular, to the competent public authorities of the Russian Federation, public authorities of the territorial subjects of the Russian Federation, local government administrations, organizations, institutes and enterprises in order to achieve the goals provided by the Consent to Personal Data Processing of the subject of personal data (the user, the client) and Privacy Policy Statement under the law and according to the procedures laid down by the law of the Russian Federation.

5.3. In case of loss or disclosure of the personal data the Operator informs the User on loss or disclosure of the personal data.

5.4. The Operator takes all the necessary organizational and technical measures for protection of the personal information of the User against illegal or casual access, destruction, change, blocking, copying, distribution and also against the other illegal actions of the third parties. For technical protection of personal data infrastructure of the provider and standard mechanisms are used.

5.5. The Operator together with the subject of the personal data (the user, the client) takes all the necessary measures for prevention of the loss or the other negative consequences caused by loss or disclosure of the personal data of the subject of personal data (the user, the client).


6. OBLIGATIONS OF THE OPERATOR


6.1. The Operator is obliged:

6.1.1. To provide the subject of personal data (the user, the client) by his inquiry all the information concerning processing of his personal data or legal refusal on doing this.

6.1.2. Upon the request of the subject of personal data (the user, the client) to specify the processed personal data, to block or to delete if personal data are incomplete, outdated, inexact, illegally received or aren't necessary for a stated purpose of processing.

6.1.3. To use the obtained information only for the purposes specified in the item 4 of this Privacy Policy Statement.

6.1.4. To provide secure storage of confidential information, not to disclose it without preliminary written permission of the subject of personal data (the user, the client) and also not to carry out sale, exchange, publication or disclosure of the transferred personal data of the subject of personal data (the user, the client) in the other possible ways, except for the items 5.2. of this Privacy Policy Statement.

6.1.5. To take precautions for protecting the confidentiality of personal data of the subject of personal data (the user, the client) according to an order usually used for protection of such information in the existing business conduct.

6.1.6. To carry out blocking of the personal data relating to an appropriate subject of personal data (the user, the client) from the moment of the address or inquiry of the subject of personal data (the user, the client) or his lawful representative or an authorized body on protection of the rights of subjects of personal data during verification, in case of identification of doubtful personal data or illegal actions.

6.1.7. To fulfill other duties provided by the legislation of the Russian Federation on protection of personal data.

7. MEASURES FOR SECURITY OF PERSONAL DATA DURING PROCESSING


7.1. When processing personal data the Agency takes necessary legal, organizational and technical measures for protection of personal data against illegal or casual access to them, destruction, change, blocking, copying, granting, distribution of personal data and from the other illegal actions on personal data.

7.2. Security of personal data is reached, in particular:

- definition of threats to security of personal data while processing in personal data information systems;

- application of organizational and technical measures for safety of personal data during processing in personal data information systems necessary for implementation of requirements of personal data protection which are provided by the levels of security of personal data established by the Government of the Russian Federation;

- application of the means of information protection which have undergone procedure of compliance in accordance to the established procedure assessment;

- efficiency assessment of the taken measures for safety of personal data before putting an information system of personal data into service;

- machine carriers of personal data accounting;

- detection of the facts of unauthorized access to personal data and taking necessary measures;

- restoration of the personal data modified or destroyed owing to unauthorized access to them;

- establishment of access rules to the personal data processed in a personal data information system and registration assurance and accounting of all actions made with the personal data in a personal data information system;

- control over the taken measures for safety of personal data and level of security of personal data information systems.


8. RESPONSIBILITY


8.1. In case of non-execution of conditions of this Privacy Policy Statement the Agency bears responsibility according to the current legislation of the Russian Federation.


ATTENTION!


To receive explanations on the questions of personal data processing you can personally contact the Agency or send an official request to the address: 5, Lesnaya St., Samara, Samara Region, 443100, Russia.