1. General Provisions
1.1. This Personal Data Processing Policy (hereinafter referred to as the "Policy") has been developed in accordance with the requirements of personal data legislation and defines the procedure for processing personal data and security measures taken by [company name] (hereinafter referred to as the "Operator").
1.2. The purpose of this Policy is to protect human and civil rights and freedoms when processing their personal data, including the protection of privacy rights, personal and family secrets.
2. Definitions and Terms
2.1. Personal data - any information relating to directly or indirectly identified or identifiable individual (personal data subject).
2.2. Processing of personal data - any action (operation) or set of actions (operations) performed with personal data with or without automation tools.
2.3. Operator - an organization that independently or jointly with others organizes and/or carries out the processing of personal data, as well as determines the purposes of processing personal data, the composition of personal data to be processed, and the actions (operations) performed with personal data.
3. Principles of Personal Data Processing
3.1. Processing of personal data is carried out on a lawful and fair basis.
3.2. Processing of personal data is limited to achieving specific, predetermined and lawful purposes.
3.3. Processing of personal data incompatible with the purposes of personal data collection is not permitted.
3.4. Merging of databases containing personal data processed for incompatible purposes is not permitted.
3.5. Only personal data that meets the purposes of their processing is subject to processing.
3.6. The content and scope of processed personal data correspond to the stated processing purposes.
3.7. When processing personal data, the accuracy of personal data is ensured, their sufficiency, and when necessary, relevance in relation to the purposes of personal data processing.
4. Purposes of Personal Data Processing
4.1. The Operator processes personal data for the following purposes:
- Providing services to users;
- User identification for contract execution;
- Providing customer support;
- Sending information about new products and services;
- Conducting marketing, statistical and other research.
5. Rights of Personal Data Subjects
5.1. The personal data subject has the right to receive information regarding the processing of their personal data.
5.2. The personal data subject has the right to request the Operator to clarify, block or destroy their personal data if the data is incomplete, outdated, inaccurate, illegally obtained or not necessary for the stated processing purpose.
5.3. The personal data subject has the right to withdraw consent to the processing of personal data.
6. Ensuring Personal Data Security
6.1. The Operator takes necessary legal, organizational and technical measures to protect personal data from unlawful or accidental access, destruction, alteration, blocking, copying, provision, distribution of personal data, as well as from other unlawful actions regarding personal data.
6.2. These measures include:
- Appointment of a person responsible for organizing personal data processing;
- Development and approval of local regulations on personal data processing and protection;
- Application of legal, organizational and technical measures to ensure personal data security.
7. Final Provisions
7.1. This Policy is publicly available and must be posted on the Operator's official website.
7.2. Control over compliance with the requirements of this Policy is carried out by the person responsible for organizing personal data processing.