1. General provisions
1.1. This Policy regarding the processing of personal data (hereinafter referred to as the Policy) has been prepared in accordance with clause 2, part 1 of Art. 18.1 of the Federal Law of the Russian Federation "On Personal Data" No. 152-FZ dated July 27, 2006 (hereinafter referred to as the Law) and determines the position of the Site Administration (hereinafter referred to as the Site Administration) in the field of processing and protection of personal data (hereinafter referred to as Data), observance of rights and the freedoms of every person and, in particular, the right to privacy, personal and family secrets.
2.1. This Policy applies to the Data received both before and after the entry into force of this Policy.
2.2. Understanding the importance and value of the Data, as well as taking care of the observance of the constitutional rights of citizens of the Russian Federation and citizens of other states, the Site Administration ensures reliable protection of the Data.
3.1. Data means any information relating directly or indirectly to a specific or identifiable natural person, i.e. such information, in particular, includes: surname, name, patronymic, e-mail, location, link to a personal website or social network, ip address.
3.2. Data processing means any action (operation) or a set of actions (operations) with Data performed using automation tools and / or without using such tools. Such actions (operations) include: collection, recording, systematization, accumulation, storage, clarification (update, change), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction of Data.
3. 3. Data security means the Data security from unauthorized and / or unauthorized access to them, destruction, alteration, blocking, copying, provision, distribution of Data, as well as from other illegal actions in relation to the Data.
4. Legal bases and purposes of data processing
4.1. The processing and security of the Data by the Site Administration is carried out in accordance with the requirements of the Constitution of the Russian Federation, the Law, the Labor Code of the Russian Federation, bylaws, and others determining the cases and features of the processing of the Data of the federal laws of the Russian Federation, guidelines and methodological documents of the FSTEC of Russia and the FSB of Russia.
4 .2. Subjects of the Data processed by the Site Administration are:
4.2.1. Users and visitors of the site https://elitehacks.ru/, owned by the Site Administration, including for the purpose of placing an order on the Site https://elitehacks.ru/.
4.3. The site administration processes the Data of subjects for the following purposes:
4.3.1. implementation of the functions, powers and duties assigned to the Site Administration by the legislation of the Russian Federation in accordance with federal laws,
4.3.2. Users for the purposes of:
18.104.22.168. - providing information on goods / services, ongoing promotions and special offers;
22.214.171.124.- analyzing the quality of the service provided and improving the quality of customer service;
126.96.36.199.- informing about the status of the order;
4.3.2. 4.- performance of the contract, incl. sales contracts, incl. concluded remotely on the Site, provision of paid services; provision of services, as well as accounting for services rendered to consumers for mutual settlements;
188.8.131.52.- delivery of the ordered Goods to the User who made an order on the Site, return of the goods.
5. Data processing principles and conditions.
5.1. When processing Data, the Site Administration adheres to the following principles: Data processing is carried out on a legal and fair basis; The Data is not disclosed to third parties and is not disseminated without the consent of the Data subject, except for cases requiring disclosure of the Data at the request of authorized state bodies, legal proceedings; determination of specific legitimate purposes before the start of processing (including collection) of the Data; only those Data are collected that are necessary and sufficient for the stated purpose of processing; unification of databases containing Data, the processing of which is carried out for purposes incompatible with each other is not allowed; the processing of the Data is limited to the achievement of specific, predetermined and legitimate purposes; The processed Data are subject to destruction or depersonalization upon achievement of the processing goals or in case of loss of the need to achieve these goals, unless otherwise provided by federal law.
5.2. The site administration may include the Data of subjects in publicly available sources of Data, while the Site Administration takes the subject's written consent to the processing of his Data, or by expressing consent through the site form (checkbox), by clicking which the subject of personal data expresses his consent.
5.3. The site administration does not process Data related to race, nationality, polytechnical views, religious, philosophical and other convictions, intimate life, membership in public associations, including trade unions.
5.4. Biometric Data (information that characterizes the physiological and biological characteristics of a person, on the basis of which it is possible to establish his identity and which is used by the operator to establish the identity of the Data subject) are not processed by the Site Administration.
5.5. The site administration carries out cross-border data transfer. The site administration confirms that the foreign state to whose territory the transfer of personal data is carried out provides adequate protection of the rights of subjects of personal data in accordance with the level of security defined by the Council of Europe Convention for the Protection of Individuals with regard to Automated Processing of Personal Data.
5.6. In cases established by the legislation of the Russian Federation, the Site Administration has the right to transfer Data to third parties (federal tax service, state pension fund and other state bodies) in cases stipulated by the legislation of the Russian Federation.
5.7. The site administration has the right to entrust the processing of the Data of the Data subjects to third parties with the consent of the Data subject, on the basis of an agreement concluded with these persons, including with consent to the user agreement and the personal data processing policy posted on the site.
5.8. Persons who process Data on the basis of an agreement concluded with the Site Administration (instructions of the operator) undertake to comply with the principles and rules for the processing and protection of Data provided for by the Law. For each third party, the agreement defines a list of actions (operations) with the Data that will be performed by a third party who processes the Data, the purposes of processing, the obligation of such a person to maintain confidentiality and ensure the security of the Data during their processing is established, the requirements for the protection of the processed Data are specified in accordance with with the Law.
5.9. In order to fulfill the requirements of its contractual obligations, the processing of Data by the Site Administration is carried out both with and without the use of automation tools. The set of processing operations includes collection, recording, systematization, accumulation, storage, clarification (update, change), extraction, use, transfer (provision, access), depersonalization, blocking, deletion, destruction of Data.
5.10. The site administration is prohibited from making decisions based solely on automated processing of the Data that generate legal consequences in relation to the Data subject or otherwise affect his rights and legitimate interests.
6. Rights and obligations of Data subjects, as well as the Site Administration in terms of data processing
6.1. The subject, whose Data is processed by the Site Administration, has the right:
6.1.1. receive from the Site Administration:
184.108.40.206. confirmation of the fact of processing the Data and information about the availability of Data related to the relevant Data subject;
220.127.116.11. information on the legal grounds and purposes of Data processing;
18.104.22.168. information about the methods of data processing used by the Site Administration;
22.214.171.124. list of processed Data related to the Data subject, and information about the source of their receipt;
126.96.36.199. information about the terms of data processing, including the terms of their storage;
188.8.131.52. information on the procedure for exercising the rights by the Data subject;
184.108.40.206. other information provided for by the Law or other regulatory legal acts of the Russian Federation;
6.1.2. require from the Site Administration:
220.127.116.11. clarification of their Data, their blocking or destruction in the event that the Data is incomplete, outdated, inaccurate, illegally obtained or is not necessary for the stated purpose of processing;
18.104.22.168. revoke your consent to the processing of Data at any time; demand the elimination of illegal actions of the Site Administration in relation to its Data;
6.1.3. to protect their rights and legitimate interests, including compensation for damages and / or compensation for moral damage in court.
6.2. The site administration in the process of processing the Data is obliged to:
6.2.1. provide the Data subject, upon his request, with information regarding the processing of his personal data, or legally provide a refusal within thirty days from the date of receipt of the request from the Data subject or his representative;
6.2.2. explain to the Data subject the legal consequences of refusing to provide Data if the provision of Data is mandatory in accordance with federal law;
6.2.3. take the necessary legal, organizational and technical measures or ensure their adoption to protect the Data from unauthorized or accidental access to them, destruction, alteration, blocking, copying, provision, dissemination of Data, as well as from other illegal actions in relation to the Data;
6.2.4 ... publish on the Internet and provideto have unrestricted access using the Internet to the document defining its policy regarding the processing of Data, to information about the implemented requirements for Data protection;
6.2.5. provide data subjects and / or their representatives free of charge the opportunity to familiarize themselves with the Data when submitting an appropriate request within 30 days from the date of receipt of such a request;
6.2.6. block unlawfully processed Data related to the Data subject, or ensure their blocking (if the Data processing is carried out by another person acting on behalf of the Site Administration) from the moment of contacting or receiving a request for a verification period, in case of unlawful processing of Data when the Data subject applies or his representative or at the request of the Data subject or his representative or the authorized body for the protection of the rights of personal data subjects;
6.2.7. clarify the Data or ensure their clarification within 7 working days from the date of submission of the information and remove the blocking of the Data, in case of confirmation of the fact of inaccuracy of the Data on the basis of the information provided by the Data subject or his representative;
6.2.8. stop the unlawful processing of the Data or ensure the termination of the unlawful processing of the Data;
6.2.9. stop processing the Data or ensure its termination and destroy the Data or ensure their destruction in order to achieve the purpose of processing the Data, unless otherwise provided by the agreement to which the data subject is a party, the beneficiary or guarantor, if the purpose of the Data processing is achieved;
6.2.10 ... stop processing the Data or ensure its termination and destroy the Data or ensure their destruction if the Data subject withdraws consent to the processing of the Data, if the Site Administration is not entitled to process the Data without the consent of the Data subject;
7. Data protection requirements
7.1. When processing the Data, the Site Administration takes the necessary legal, organizational and technical measures to protect the Data from unauthorized and / or unauthorized access to them, destruction, modification, blocking, copying, provision, distribution of Data, as well as from other illegal actions in relation to the Data.
7.2. Such measures in accordance with the Law, in particular, include:
7.2.1. appointment of the person responsible for organizing the processing of the Data and the person responsible for ensuring the security of the Data;
7.2.2. development and approval of local acts on the processing and protection of Data;
7.2.3. application of legal, organizational and technical measures to ensure the security of the Data:
7.2.4. identification of threats to the security of the Data during their processing in personal data information systems;
7.2.5. application of organizational and technical measures to ensure the security of the Data during their processing in personal data information systems, necessary to meet the requirements for the protection of Dana;
7.2.6. application of the procedure for assessing the conformity of information protection means that have passed in accordance with the established procedure;
7.2.7. assessment of the effectiveness of measures taken to ensure the security of the Data prior to the commissioning of the personal data information system;
7.2.8. accounting of machine media of Data, if the Data is stored on machine media;
7.2.9. detection of facts of unauthorized access to the Data and taking measures to prevent similar incidents in the future;
7.2.10. recovery of Data, modified or destroyed due to unauthorized access to them;
7.2.11. establishing rules for accessing the Data processed in the personal data information system, as well as ensuring registration and accounting of all actions performed with the Data in the personal data information system.
7.2.12. control over the measures taken to ensure the security of the Data and the level of security of information systems of personal data;
7.2.13. assessment of harm that may be caused to Data subjects in case of violation of the requirements of the Law, the ratio of this harm and the measures taken by the Site Administration aimed at ensuring the fulfillment of the obligations provided for by the Law;
7.2.14. compliance with the conditions that exclude unauthorized access to material data carriers and ensure the safety of the Data;
8. Terms of data processing (storage)
8.1. The terms of processing (storing) the Data are determined based on the purposes of processing the Data, in accordance with the term of the agreement with the Data subject, the requirements of federal laws, the requirements of the Data operators, on whose behalf the Site Administration processes the Data, the basic rules of the archives of organizations, the limitation period.
8.2. Data, the processing (storage) period of which has expired, must be destroyed. Storage of the Data after the termination of their processing is allowed only after their depersonalization.
9. The procedure for obtaining clarifications on the processing of Data
9.1. Persons whose Data is processed by the Administratorsite administration, can get clarifications on the processing of their Data by contacting the Site Administration through the feedback form.
10. Features of processing and protection of Data collected by the Site Administration using the Internet
10.1. The site administration processes the Data received from the users of the Site from the resource: https://elitehacks.ru/ (hereinafter referred to as the Site) and by going directly to the order.
10.2. Data Collection
There are two main ways by which the Site Administration receives Data via the Internet:
10.2.1. Provision of Data (independent data entry):
10.2.1.1. link to personal website or social networks
10.3. Automatically collected information
The site administration may collect and process information that is not personal data:
10.3.1. location determination
10.3.2. ip address
10.3.3. information about the interests of Users on the Site based on the entered search queries of users of the Site about goods sold and offered for sale in order to provide relevant information to users when using the Site, as well as summarize and analyze information about which sections of the Site and products are in greatest demand among the Site's clients ;
10.3.4. processing and storing search queries from users of the Site in order to summarize and create client statistics on the use of sections of the Site. The site administration automatically receives some types of information obtained in the process of user interaction with the Site, correspondence by e-mail, etc. We are talking about technologies and services, such as web protocols, cookies, web marks, as well as applications and tools specified third party. At the same time, web marks, cookies and other monitoring technologies do not make it possible to automatically receive Data. If the user of the Site at his own discretion provides his Data, for example, when filling out a feedback form or sending an e-mail, then only then the processes of automatic collection of detailed information are launched for the convenience of using the Site and / or to improve interaction with Users.
10.4. Use of Data
The site administration has the right to use the provided Data in accordance with the stated purposes of their collection, subject to the consent of the Data subject, if such consent is required. The obtained Data in a generalized and impersonal form can be used to better understand the needs of buyers of goods and services sold by the Site Administration and to improve the quality of service.
10.5. Transfer of Data
The site administration may entrust the processing of Data to third parties only with the consent of the Data subject. Also, the Data can be transferred to third parties in the following cases: a) As a response to legitimate requests from authorized state bodies, in accordance with laws, court decisions, etc. b) Data cannot be transferred to third parties for marketing, commercial and other similar purposes, for except for the cases of obtaining the prior consent of the Data subject.
10.6. The site contains links to other web resources, which may contain useful and interesting information for users of the Site. However, this Policy does not apply to such other sites. Users who follow links to other sites are advised to familiarize themselves with the Data processing policies posted on such sites.
10.7 The Site user can at any time withdraw his consent to the Data processing by sending a message to the e-mail address: elitehacksru @ mail. ru. After receiving such a message, the processing of the User's Data will be terminated, and his Data will be deleted, unless the processing can be continued in accordance with the law.
11. Final Provisions
11.1. This Policy is a local regulatory act of the Site Administration. This Policy is publicly available. The general availability of this Policy is ensured by publication on the Site. This Policy may be revised in any of the following cases:
11.1.1. when the legislation of the Russian Federation in the field of processing and protection of personal data changes;
11.1.2. in cases of receiving instructions from the competent state authorities to eliminate inconsistencies affecting the scope of the Policy;
11.1.3. by the decision of the Site Administration;
11.1.4. when the purposes and terms of Data processing change;
11.1.5. when changing the organizational structure, structure of information and / or telecommunication systems (or introducing new ones);
11.1.6. when applying new technologies for processing and protecting Data (including transmission, storage);
11.1.7. when it becomes necessary to change the data processing process related to the activities of the Site.
11.2. An integral part of this Policy is the Consent to the processing of personal data posted on the Site.
11.3. This Policy acts directly and is interconnected with the User Agreement posted on the Site.