The Personal Data Processing Policy (hereinafter referred to as the "Policy") – is a document stating the relationship between individuals who are subjects of personal data (hereinafter referred to as the "User") and Trismegist Rus LTD, TIN/KPP 7810912960/781001001, OGRN 1217800017962, location: 196105, Saint Petersburg, ext.g. Moskovskaya zastava municipal district, Moskovsky Prospekt, 139, room 2, letter A, room.162-N, office 6 (hereinafter referred to as the "Operator" or "Company") regarding the processing of personal data.
The Policy was developed in accordance with Clause 2, Part 1, Article 18.1 of Federal Law No. 152-FZ dated July 27, 2006 "On Personal Data" (hereinafter — the Federal Law "On Personal Data").
The Policy contains information subject to disclosure in accordance with Part 1 of Article 14 of the Federal Law "On Personal Data", is a publicly available document and is located at: https://trismegistrus.ru/en/privacy-policy.
The Company has the right to change this Policy at any time by publishing appropriate changes. This Policy cannot be changed except by publishing the amended document on the Company's Website. The relations between the User and the Company arising in connection with the application of this Policy are subject to the law of the Russian Federation.
Personal data is any information related directly or indirectly to a specific or identifiable natural person (personal data subject).
Personal data processing is any action (operation) or set of actions (operations) performed with or without the use of automation tools with personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, modification), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction of personal data.
The operator of personal data is Trismegist Rus LTD, which independently or jointly with other persons organizes and/or processes personal data, as well as determines the purposes of personal data processing, their composition to be processed, and actions (operations) performed with Users' personal data.
Confidentiality of personal data is the duty of the Operator and other persons who have access to personal data not to disclose or distribute it to third parties without the consent of the personal data subject, unless otherwise provided by federal laws.
Website is an online resource located on the Internet at: https://trismegistrus.ru/en, owned by the Company. The Company does not allow any changes to be made to the content of this Website.
The User's use of the Website means acceptance of this Policy and the terms of processing of the User's personal data.
In case of disagreement with the terms of the Policy, the User must immediately stop using the Site.
This Policy applies only to the Website.
Users have the right to:
The right to receive personal data related to this User and information related to their processing;
To clarify, block or destroy his personal data if they are incomplete, outdated, inaccurate, illegally obtained or are not necessary for the stated purpose of processing;
To revoke their consent to the processing of personal data by personal request or by sending a written request in free form by registered mail with delivery notification to the Operator or to the following email address: contact@trismegistrus.ru;
To protect their rights and legitimate interests, including compensation for damages and compensation for moral damage in court;
To appeal against the actions or omissions of the Company to the authorized body for the protection of the rights of personal data subjects or in court.
The Company processes personal data on a legitimate basis in order to perform the functions, powers and duties assigned by law, and to exercise the rights and legitimate interests of the Company and Users.
The legal grounds for processing personal data are:
Federal Law "On Personal Data";
other regulatory legal acts regulating relations related to the Company's activities;
consent to the processing of personal data, expressed in the manner prescribed by law and this Policy;
local regulations of the Operator.
The User decides to provide his personal data and agrees to their processing freely, voluntarily and in his own interest. The User's inaction cannot be interpreted as consent. Consent to the processing of personal data must be specific, substantive, informed, conscious and unambiguous.
This Policy sets out the Company's obligations for non-disclosure and ensuring the confidentiality of personal data that the User provides when using the Site.
The Company processes Users' personal data in order to comply with the laws of the Russian Federation, as well as:
processing of requests and requests on the Website;
establishing feedback, including sending notifications and requests and commercial offers.
The Company processes Users' personal data with their consent, given by checking the consent box under the personal data collection form posted on the Website.
Categories of personal data that the Company collects to achieve the goals specified in clause 6.2. of the Policy:
Surname;
Name;
Middle name;
Contact phone number;
Email address;
other similar information provided by the User, on the basis of which it is possible to identify the subject of personal data.
The Company does not process special categories of Users' personal data.
The Company does not process biometric categories of Users' personal data.
This Policy applies only to information processed during the use of the Website.
The Company does not verify the accuracy of the personal data provided by the User and is unable to assess their relevance. However, the Company assumes that Users provide reliable and sufficient personal data and keep it up to date.
The User's personal data may be transferred to authorized state authorities of the Russian Federation only on the grounds and in accordance with the procedure established by the current legislation of the Russian Federation.
The personal data of Users is processed by the Company until the achievement of the processing objectives or until the withdrawal of the User's consent to the processing of personal data.
The Company processes Users' personal data in a mixed (automated and non-automated manner using computer technology) way.
Personal data processing activities include collection, recording, systematization, accumulation, storage, clarification (updating, modification), extraction, use, depersonalization, blocking, deletion and destruction.
The confidentiality of Users' personal data is maintained.
The Operator is obliged to ensure that confidential information is kept confidential, not disclosed without the User's prior written permission, as well as not to sell, exchange, publish or otherwise disclose the User's transferred personal data, except as specified in clause 6.9 of this Policy.
The processed personal data is subject to destruction or depersonalization upon achievement of the processing objectives or in case of loss of the need to achieve these objectives, unless otherwise provided by the Federal Law "On Personal Data".
The Company appoints a person responsible for organizing the processing of personal data to fulfill the duties stipulated by the Federal Law "On Personal Data" and the regulatory legal acts adopted in accordance with it.
The Company applies a set of legal, organizational and technical measures to ensure the security of personal data to ensure the confidentiality of personal data and protect them from unlawful actions.:
Establishes rules for access to personal data processed in the Company's information system, as well as ensures registration and accounting of all actions with them.;
Evaluates the harm that may be caused to Users in case of violation of the Federal Law "On Personal Data";
Identifies threats to the security of personal data during their processing in the Company's information system;
Applies organizational and technical measures and uses information protection tools necessary to achieve the established level of personal data security.;
Detects unauthorized access to personal data and takes measures to respond, including restoring personal data that has been modified or destroyed as a result of unauthorized access to it.;
Evaluates the effectiveness of measures taken to ensure the security of personal data prior to the commissioning of the Company's information system;
Performs internal control over the compliance of personal data processing with the Federal Law "On Personal Data", regulatory legal acts adopted in accordance with it, requirements for personal data protection, this Policy and other local acts, including control over measures taken to ensure the security of personal data and their level of security during processing in the Company's information system.
The database of information containing personal data of Users who are citizens of the Russian Federation is located on the territory of the Russian Federation.
In order to exercise their rights and legitimate interests, Users have the right to contact the Operator or send a request in person or with the help of a representative to the address specified in clause 1.1. of the Policy or via the feedback form. The request must contain the information specified in Part 3 of Article 14 of the Federal Law "On Personal Data".