Personal data processing policy
1. General provisions
The current personal data processing policy is compiled in accordance with the requirements of the Federal Law No. 152-FZ of July 27, 2006, “On personal data” and defines the procedure for processing personal data and measures to ensure the security of personal data of the users of the Cpabout website (hereinafter referred to as the Operator).
- The operator sets the observance of human and civil rights and freedoms in the processing of personal data as its most important goal and element of their activities, including the protection of the rights to privacy, as well as personal and family secrets.
- The current personal data processing policy (hereinafter referred to as the Policy) applies to all information that the operator may obtain about the visitors of the following website: https://cpabout.com/.
2. Key terms and concepts used in the Policy
- Automated personal data processing is the processing of personal data using computer technologies.
- Blocking of personal data is the temporary termination of the processing of personal data (except for cases when processing is necessary to clarify personal data).
- The website is a set of graphic and informational materials, as well as computer programs and databases, which ensure their availability on the Internet at the following address: https://cpabout.com/.
- A personal data information system is a set of personal data contained in databases, as well as information technologies and technical means that ensure their processing.
- Depersonalization of personal data is the process that consists of different actions, which are intended to make it impossible to determine the identity of a specific user or other personal data subjects without using additional information in addition to the current set of personal data.
- Personal data processing includes any action (operation) or set of actions (operations) (performed with or without the use of automation tools) with personal data, including collection, recording, systematization, accumulation, storage, clarification (update, change), extraction, use, transfer (distribution, provision, access), depersonalization, blocking deletion, and destruction of personal data.
- The operator is a state body, municipal body, legal entity or individual that independently or jointly with other persons organizes and(or) performs the processing of personal data, as well as determines the purposes of processing the personal data, the composition of personal data to be processed, as well as actions (operations) performed with personal data.
- Personal data is any information directly or indirectly related to a specific user of the following website: https://cpabout.com/.
- The user is any user of the following website: https://cpabout.com/.
- The provision of personal data is a set of actions aimed at disclosure of personal data to a certain person or a certain circle of persons.
- Distribution of personal data is a set of any actions aimed at disclosure of personal data to an indefinite circle of people (transfer of personal data) or at familiarization with personal data for an unlimited number of persons, including disclosure of personal data in the mass media, placement in information and telecommunications networks, or providing access to personal data in any other way.
- Cross-border transfer of personal data is a transfer of personal data to the territory of a foreign state to foreign state authority, a foreign individual, or a foreign legal entity.
- Destruction of personal data is any action in which personal data is destroyed irrevocably, making it impossible to restore the contents of personal data in the information system.
3. The operator may process the following personal data of the user
- Surname, name, and patronymic.
- Phone number.
- Email address.
- Kindly note that our website involves the collection and processing of anonymous data about visitors (including “Cookies”) through the statistic services (Yandex.Metrika, Google Analytics, and others).
- All types of these data are combined under the Personal data term within the current Policy.
4. Purposes of personal data processing
- The purpose of processing the personal data is to inform the user about various events by sending emails; to provide the user with access to the services, information, and (or) materials contained on the website.
- Kindly note that the operator reserves the right to send notifications to the user about new products and services, special offers, and various events. The user reserves the right to refuse to receive information messages by sending an email to the operator at email@example.com with the following topic: “Unsubscribe from notifications about new products, services, and special offers.”
- Depersonalized user data collected by the statistics services are used to gather information about the actions of the user on the website, as well as to improve the quality of the website and its content.
5. Legal grounds for processing personal data
- The operator processes the personal data only if they are sent by the user independently through special feedback forms located on the following website: https://cpabout.com/. By filling out the mentioned forms and (or) sending their personal data to the operator, the user agrees to all the provisions of the current Policy.
6. Procedure for collecting, storing, transferring and other types of personal data processing
The security and safety of personal data processed by the operator are ensured by implementing legal, organizational, and technical measures required to fully comply with the current legislation in the field of personal data protection.
- The operator ensures the safety of personal data and takes all possible measures to prevent access to personal data of unauthorized persons.
- The personal data will never (under any circumstances) be transferred to third parties, except the cases related to the implementation of current legislation.
- In case of mistakes and inaccuracies in the personal data, the user can update them independently by sending a notification to the email address of the operator at firstname.lastname@example.org with the “Updating personal data” subject.
- The term for processing personal data is unlimited. The user can withdraw their consent to the processing of personal data at any time by sending a notification to the operator’s email address at email@example.com with the “Revocation of consent to the processing of personal data” subject.
7. Cross-border transfer of personal data
- The operator must ensure that the rights of personal data subjects are reliably protected by the foreign state to which the personal data is intended to be transferred prior to the start of the cross-border transfer of personal data.
- Cross-border transfer of personal data to the territory of foreign states that do not meet the above requirements can only be carried out if the personal data subject agrees in writing and (or) performs the contract that involves such processing of the personal data.
8. Final provisions
- The user is able to address all the questions related to the processing of their personal data by contacting the operator at firstname.lastname@example.org.
- Kindly note that the current document will reflect any changes to the personal data processing policy of the operator. The policy is valid indefinitely until the moment when it is replaced with a new version.