Personalni boshqarish
• xodimni ishga olish
• nazorat va vazifalarni taqsimlash
Privacy Policy RAZVITIE LLC

Last updated: November 10, 2019

1. Key Provisions

1.1. This personal data processing policy (hereinafter referred to as this Privacy Policy) shall define the procedure and provisions of personal data processing, as well as measures to ensure safety and security of personal data as processed by Razvitie LLC (hereinafter referred to as the Company) in order to protect the rights and freedoms of personal data subjects in the course of processing their personal data.

1.2. This Privacy Policy was developed in accordance with the Federal Law of the Russian Federation On Personal Data No. 152-FZ dated July 27, 2006.

1.3. In accordance with this Privacy Policy the Company shall process personal data acquired from users who fill out their inquiries on the Company websites, as well as any personal data of the Company clients who interact with the Company employees, including in the course of verbal negotiations, correspondence in any form, etc.).

1.4. This Privacy Policy was published in accordance with Part 2 Article 18.1 of the Federal Law On Personal Data No. 152-FZ dated July 27, 2006 (hereinafter referred to as the Federal Law On Personal Data).

2. Terms and Definitions

2.1. The following terms and definitions are used for purposes of this Privacy Policy:

Personal data shall mean any information relating directly or indirectly to any particular or identifiable natural person (personal data subject);

Personal data processing shall mean any action (transaction) or totality of actions (transactions) performed with any automation devices and equipment or without such equipment and involving personal data, including any collection, recording, systematization, accumulation, storage, updating, amendment, retrieval, usage, transmission (dissemination, provision, accessing), anonymization, blocking, deletion, and destruction of personal data;

Automated personal data processing shall mean personal data processing using any means of computer technology;

Dissemination of personal data shall mean actions aimed at disclosure of personal data to the general public;

Provision of personal data shall mean actions aimed at disclosure of personal data to a certain person or a certain group of persons;

Personal data blocking shall mean temporary suspension of personal data processing (except if such processing is necessary for updating personal data);

Personal data destruction shall mean actions, as a result of which it becomes impossible to restore the contents of personal data in the information system for personal data and/or as a result of which physical media bearing the personal data are destroyed;

Personal data anonymization shall mean actions which render impossible, without using additional information, the identification of affiliation of personal data to a specific subject of personal data;

Personal data information system shall mean the totality of personal data contained in the database and any information technologies and technical devices ensuring processing thereof;

Transborder transfer of personal data shall mean transfer of personal data to the territory of a foreign country, foreign authority, foreign natural person or foreign legal person.

3. Principles of Personal Data Processing

3.1. Personal data processing is performed by the Company following the below principles:

  • Legitimacy and equitable basis;
  • Restriction of personal data processing by way of achieving specific, predefined, and legitimate goals;
  • Avoidance of any processing of personal data which is inconsistent with the purposes of personal data collection;
  • Prevention of integration of databases containing personal data, the processing of which is performed for purposes which are inconsistent with each other;
  • Processing of personal data that match the purposes of processing thereof;
  • Conformity of the contents and scope of personal data processed to the declared purposes of processing thereof;
  • Prevention of processing of excessive personal data in relation to the declared purposes of processing thereof;
  • Ensuring accuracy, sufficiency, and relevance of personal data in relation to the purposes of personal data processing;
  • Destruction or anonymization of personal data upon achieving the purposes of processing thereof or if it becomes irrelevant to achieve such purposes, and if the Company fails to remedy any violations incurred in personal data processing, unless otherwise provided for by any federal laws.

4. Conditions for Personal Data Processing

4.1. The scope of personal data processed:

  • Personal data which users provide to the Company when filling out information boxes on websites, including filling out of contact forms for event registration (such data may include last name, first name, middle name, contact phone number, email address, place of employment, position, and other data);
  • Personal data and other information contained in messages which clients sent to the Company employees, including information conveyed in email correspondence, SMS messages, verbal negotiations (such data may include last name, first name, middle name, contact phone number, email address, place of employment, position, and other data);
  • Technical data which are automatically transmitted by a device which enables users to utilize or browse the Company websites, including technical features of the device, IP address, information contained in cookie files which are sent to a user’s (computer) device, information about the browser, data and time of accessing the website, addresses of pages searched, and any other similar information;
  • Other data.

4.2. Purposes of personal data processing include:

  • Provision of information about events, products, and services of the Company and consulting on the above;
  • Responses of user questions via feedback form on the websites;
  • Communications with clients of the Company;
  • Setting up participation in events and surveys as organized by the Company;
  • Sending emails and SMS notifications, including those of advertizing nature, information and newsletters, invitations to events and other advertizing- and news-related information;
  • Other purposes as agreed upon with personal data subjects;
  • Ensuring functionality and security of the websites;
  • Improvement of the quality of performance of the websites.

4.3. Personal data processing is performed in the following events:

  • Personal data processing is performed upon consent of the personal data subject to process their personal data;
  • Personal data processing is necessary for achieving the objectives as stipulated for by the relevant international treaty of the Russian Federation or the relevant laws, in order to perform and exercise the function, authority, and obligations as imposed on the Company by the current legislation of the Russian Federation;
  • Personal data processing is necessary for the performance of any agreements, under which the personal data subject is a beneficiary or pledgor, as well as for entering into any agreements at the initiative of the personal data subject or any agreements, under which the personal data subject is a beneficiary or pledgor;
  • Personal data processing is necessary for the exercise of rights and legitimate interests of the Company or any third parties, provided, however, that no rights and freedoms of the personal data subject are infringed;
  • Personal data processing is performed for statistical or research purposes, except for purposes that provide for mandatory anonymization of personal data in accordance with the current legislation of the Russian Federation.

4.4. General description of personal data processing.

When processing personal data the Company performs the following actions (transactions) or a combination of actions (transactions) using automation equipment and without using such equipment for data processing: Collection, recording, systematization, accumulation, storage, updating, amendment, retrieval, usage, transfer (provision, accessing), anonymization, blocking, deletion, and destruction. No processing of special categories of personal data pertaining to ethnicity, national identity, political views, religious or philosophic convictions, intimate life, information which typifies physiological make-up of a person and based on which the person’s identify can be established (biometric personal data) shall be allowed and performed.

For certain categories of personal data cross-border transfer of such data shall be allowed to countries that guarantee viable protection of personal data or to other countries upon written consent of the personal data subject. The Company shall, however, comply with the requirements to such transfer as defined by the current legislation of the Russian Federation.

The Company shall not make any decisions based on solely automated processing of personal data which entail legal consequences in relation to the personal data subject or which in any other manner affect their rights and legitimate interests. The Company shall be entitled to commission other person to process personal data upon consent of the personal data subject, unless otherwise provided for by any federal laws, and pursuant to the relevant agreement in place with that person. The person that engages in processing personal data at the direction of the Company shall comply with the principals and rules for personal data processing as provided for by the Federal Law On Personal Data.

4.5. Measures to process and protect personal data.

The Company shall take the following measures in order to ensure its compliance with the requirements to processing and ensuring security of personal data:

Appointment of employees responsible for setting up personal data processing, ensuring security of personal data in the relevant personal data information systems;

Publication and implementation of internal regulations and bylaws pertaining to processing and ensuring security of personal data aimed at the prevention and identification of violations as provided for by the current legislation of the Russian Federation and elimination of consequences of such violations;

Taking legal, organizational, and technical measures in order to ensure security of personal data taking into account their level of protection;

Determination of threats to security of personal data in the course of their processing in the relevant personal data information systems;

Application of the information security equipment which passed the established procedure of conformity evaluation;

Evaluation of efficiency of measures taken in order to ensure security of personal data prior to implementation of the personal data information systems;

Registration of computer-based storage media for personal data;

Implementation of tools for the detection of unauthorized access to personal data and taking measures in case of each incident;

Recovery of personal data which were modified or destroyed as a result of unauthorized access to such data;

Establishment of rules for accessing the personal data processed by the Company’s personal data information systems, as well as ensuring registration and recording of all the transactions with personal data in the personal data information systems;

Supervision of measures taken for purposes of ensuring personal data security and level of protection of the personal data information systems;

Internal controls over compliance of personal data processing with the requirements of the Federal Law On Personal Data and the relevant regulatory enactments, requirements to protection of personal data, this Privacy Policy, and the Company bylaws;

Evaluation of damages which may be incurred to personal data subjects;

Familiarization of employees who are directly engaged in personal data processing with the provisions of the current legislation of the Russian Federation on personal data, including requirements to personal data protection, documents defining the Company policy for personal data processing, and its bylaws pertaining to personal data processing;

Familiarization of third party employees who are directly engaged in personal data processing in the territory of the Company with the provisions of the current legislation of the Russian Federation on personal data, including requirements to personal data protection, documents defining the Company policy for personal data processing, and its bylaws pertaining to personal data processing.

5. Rights of Personal Data Subjects

5.1. A personal data subject makes their decision to provide the personal data and agrees to process them independently, at their own will, and following their interests. Consent to process personal data may be provided by a personal data subject or their representative in any form which allows validating the fact of receipt thereof, unless otherwise provided for by the relevant federal laws. The Company shall be obliged to provide evidence of receipt of the personal data subject’s consent to process their personal data or evidence of availability of the relevant grounds as set forth in the Federal Law On Personal Data.

5.2. A personal data subject has the right to receive information pertaining to processing their personal data, if such right is not restricted in accordance with the relevant federal laws, including any information containing:

  • Validation of the fact of personal data processing;
  • Legal grounds and purposes of personal data processing;
  • Purposes and methods applied by the Company for personal data processing;
  • Name and location of the Company, information about persons (except for employees of the Company) who have access to personal data or who may be exposed to personal data pursuant to the relevant agreement with the Company or pursuant to the relevant federal law;
  • Personal data processed which relate to the corresponding personal data subject, its source, unless any other procedure for provision of such data was provided by any federal laws;
  • Term for personal data processing, including the term of storage of the same;
  • Procedure of exercise by a personal data subject of their rights as stipulated for by the Federal Law On Personal Data;
  • Information about any cross-border data transfer performed or alleged;
  • First name or last name and address of the person processing personal data at the Company’s instruction, if personal data processing is commissioned or will be commissioned to that person;
  • Any other information as provided for by the Federal Law On Personal Data or any other federal laws.

5.3. A personal data subject shall be entitled to request that the Company update his/her personal data, block or destroy them in the event the personal data are incomplete, obsolete, inaccurate, wrongfully acquired or if they are not necessary for the declared purpose of personal data processing, as well as entitled to take any measures to protect their rights as provided for by the relevant laws.

5.4. Personal data processing for purposes of promotion of goods, works and services on the market by way of engaging in direct contact with potential consumers using any means of communications shall only be permitted if the personal data subject provides their prior consent to such personal data processing. The said personal data processing shall be deemed to be performed without the personal data subject’s prior consent if the Company fails to prove that such consent has been secured. The Company shall immediately, upon demand of the personal data subject, terminate processing of the subject’s personal data with the aforementioned purposes.

5.5. If a personal data subject believes the Company processes their personal data in breach of the requirements of the Federal Law On Personal Data or that it infringes his/her rights and freedoms in any other way, the personal data subject shall be entitled to appeal the Company's actions or omissions in the Authority for protection of rights of personal data subjects or as part of a judicial procedure.

5.6. A personal data subject has the right to protection of their rights and legitimate interests, including the right for reimbursement of losses and/or compensation for distress damages in a court of law.

6. Termination of Personal Data Processing

6.1. Personal data processed by the Company are subject to destruction in the following cases:

  • Upon achieving the purposes of personal data processing or in case it is no longer relevant to achieve such purposes;
  • Upon receipt of the corresponding inquiry from a subject of personal data;
  • Upon receipt of the corresponding instruction from the duly authorized agency on protection of rights of personal data subjects;
  • Upon expiration of the relevant retention period for personal data.

7. Final Provisions

7.1. Persons liable for violating any requirements of the Federal Law On Personal Data shall be held responsible as provided for by the current legislation of the Russian Federation. Moral damages incurred to any personal data subject due to breach of their rights, violation of the personal data processing regulations as established by the Federal Law On Personal Data, as well as violation of any requirements to personal data protection as established in accordance with the Federal Law On Personal Data shall be subject to reimbursement in accordance with the current legislation of the Russian Federation. Redress for moral damages shall be performed regardless of reimbursement of property damages and losses incurred by the relevant personal data subject.

7.2. This Privacy Policy may be amended and updated as necessary. Such amendments shall be made publicly available in accordance with Part 2 Article 18.1 of the Federal Law On Personal Data.


7.3. Personal data subjects are entitled to receive additional information pertaining to processing and ensuring security of their personal data by way of submitting official inquiries to the Company in accordance with the Federal Law On Personal Data.