Personal Data Processing Policy1. General ProvisionsThis Personal Data Processing Policy is drawn up in accordance with the requirements of Federal Law No. 152-FZ dated July 27, 2006, "On Personal Data" (hereinafter referred to as the Personal Data Law) and defines the procedure for processing personal data and measures to ensure the security of personal data taken by 3626 (hereinafter referred to as the Operator).
1.1. The Operator considers the observance of human and civil rights and freedoms in the processing of personal data, including the protection of the right to privacy, personal and family secrets, as a top priority and condition for conducting its activities.
1.2. This Policy of the Operator regarding the processing of personal data (hereinafter referred to as the Policy) applies to all information that the Operator may receive about visitors of the website
https://3626.ae/2. Key Terms Used in the Policy2.1. Automated processing of personal data — processing of personal data using computer technology.
2.2. Blocking of personal data — temporary suspension of the processing of personal data (except when processing is necessary to clarify personal data).
2.3. Website — a set of graphical and informational materials, as well as software and databases, ensuring their availability on the Internet at the network address
https://3626.ae/.
2.4. Personal Data Information System — a set of personal data contained in databases and the information technologies and technical means that ensure their processing.
2.5. Depersonalization of Personal Data — actions resulting in the impossibility of determining, without the use of additional information, the ownership of personal data by a specific User or another personal data subject.
2.6. Processing of Personal Data — any action (operation) or a set of actions (operations) performed with or without the use of automation tools on personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, modification), retrieval, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, and destruction of personal data.
2.7. Operator — a state or municipal authority, legal entity, or individual who, independently or jointly with others, organizes and/or carries out the processing of personal data, and also determines the purposes of personal data processing, the composition of personal data to be processed, and the actions (operations) performed with personal data.
2.8. Personal Data — any information directly or indirectly related to an identified or identifiable User of the website
https://3626.ae/.
2.9. Personal Data Made Publicly Available by the Subject of Personal Data — personal data to which the subject of personal data has granted access to an unlimited number of persons by giving consent for the processing of such data in the manner prescribed by the Personal Data Law (hereinafter referred to as "publicly available personal data").
2.10. User — any visitor of the website
https://3626.ae/.
2.11. Provision of Personal Data — actions aimed at disclosing personal data to a specific person or a specific group of persons.
2.12. Dissemination of Personal Data — any actions aimed at disclosing personal data to an indefinite number of persons (transfer of personal data) or at making personal data available to an unlimited number of persons, including publication in the media, placement in information and telecommunication networks, or providing access to personal data in any other way.
2.13. Cross-Border Transfer of Personal Data — the transfer of personal data to the territory of a foreign state, to a foreign state authority, foreign individual, or foreign legal entity.
2.14. Destruction of Personal Data — any actions resulting in the irreversible destruction of personal data, making it impossible to restore the content of personal data in the personal data information system and/or leading to the destruction of tangible media containing personal data.
3. Main Rights and Obligations of the Operator3.1. The Operator has the right to:- receive accurate information and/or documents containing personal data from the personal data subject;
- continue processing personal data without the consent of the personal data subject in cases where the subject withdraws consent or submits a request to stop processing, if there are legal grounds provided by the Personal Data Law;
- independently determine the composition and list of measures necessary and sufficient to ensure the fulfillment of the obligations stipulated by the Personal Data Law and other relevant legal acts, unless otherwise provided by the Law or other federal laws.
3.2. The Operator is obligated to:- provide the personal data subject, upon request, with information regarding the processing of their personal data;
- organize the processing of personal data in accordance with the current legislation of the Russian Federation;
- respond to inquiries and requests from personal data subjects and their legal representatives in accordance with the requirements of the Personal Data Law;
- provide the authorized body for the protection of the rights of personal data subjects with the necessary information within 10 days from the date of receiving the request from that body;
- publish or otherwise ensure unrestricted access to this Personal Data Processing Policy;
- take legal, organizational, and technical measures to protect personal data from unlawful or accidental access, destruction, modification, blocking, copying, provision, dissemination, and from other unlawful actions;
- cease the transfer (dissemination, provision, access) of personal data, stop processing, and destroy personal data in the manner and cases provided for by the Personal Data Law;
fulfill other obligations as provided by the Personal Data Law.
4. Main Rights and Obligations of Personal Data Subjects4.1. Personal data subjects have the right to:- receive information regarding the processing of their personal data, except in cases provided for by federal laws. Such information shall be provided by the Operator in an accessible form and must not contain personal data related to other personal data subjects, unless there are legal grounds for disclosing such data. The list of such information and the procedure for obtaining it are established by the Personal Data Law;
- request the Operator to clarify, block, or delete their personal data if such data is incomplete, outdated, inaccurate, unlawfully obtained, or not necessary for the stated purpose of processing, as well as take legal measures to protect their rights;
- require prior consent to the processing of personal data for the purpose of promoting goods, works, or services on the market;
- withdraw their consent to the processing of personal data, and also submit a request to terminate the processing of their personal data;
- file a complaint with the authorized body for the protection of the rights of personal data subjects or seek legal recourse against unlawful acts or omissions of the Operator in the processing of their personal data;
- exercise other rights provided for by the legislation of the Russian Federation.
4.2. Personal data subjects are obliged to:- provide the Operator with accurate information about themselves;
- inform the Operator about the clarification (updating, modification) of their personal data.
**4.3. Persons who have submitted false information about themselves to the Operator, or information about another personal data subject without that person’s consent, are liable in accordance with the legislation of the Russian Federation.
5. Principles of Personal Data Processing5.1. Personal data shall be processed lawfully and fairly.
5.2. The processing of personal data shall be limited to achieving specific, pre-defined, and lawful purposes. Processing that is incompatible with the purposes of collecting personal data is not permitted.
5.3. The merging of databases containing personal data that are processed for incompatible purposes is not allowed.
5.4. Only personal data that is relevant to the purposes of processing shall be subject to processing.
5.5. The content and volume of processed personal data must correspond to the stated purposes of processing. Excessive processing of personal data in relation to the declared purposes is not permitted.
5.6. Personal data must be accurate, sufficient, and, where necessary, kept up to date with respect to the purposes of processing. The Operator shall take necessary measures and/or ensure that such measures are taken to delete or clarify incomplete or inaccurate data.
5.7. Personal data shall be stored in a form that allows the identification of the personal data subject for no longer than is required for the purposes of processing, unless a longer storage period is established by federal law, a contract to which the data subject is a party, beneficiary, or guarantor. Upon achieving the processing purposes or if the need to achieve them is lost, the processed personal data shall be destroyed or anonymized, unless otherwise provided by federal law.
6. Purposes of Personal Data ProcessingPurpose of processing:Informing the User by sending electronic messages.
Personal data involved:Last name, first name, patronymic (if applicable), email address, and phone numbers.
Legal basis:Federal Law "On Information, Information Technologies, and the Protection of Information" dated July 27, 2006, No. 149-FZ.
Types of personal data processing:Collection, recording, systematization, accumulation, storage, destruction, and anonymization of personal data.
Sending informational emails to the provided email address.
7. Conditions for the Processing of Personal Data7.1. Personal data shall be processed with the consent of the personal data subject to the processing of their personal data.
7.2. Personal data processing is necessary for achieving purposes established by an international treaty of the Russian Federation or by law, and for the fulfillment of the Operator’s functions, powers, and duties as defined by Russian legislation.
7.3. Personal data processing is necessary for the administration of justice, execution of a court decision, or the act of another authority or official subject to execution under the laws of the Russian Federation on enforcement proceedings.
7.4. Personal data processing is necessary for the performance of a contract to which the personal data subject is a party, beneficiary, or guarantor, or for the conclusion of a contract at the request of the personal data subject.
7.5. Personal data processing is necessary for the realization of the legitimate interests of the Operator or third parties, or for the achievement of socially significant goals, provided that the rights and freedoms of the personal data subject are not violated.
7.6. Processing is carried out on personal data made publicly available by the personal data subject or at their request (hereinafter referred to as publicly available personal data).
7.7. Processing is carried out on personal data subject to publication or mandatory disclosure under federal law.
8. Procedure for Collection, Storage, Transfer, and Other Types of Personal Data ProcessingThe security of personal data processed by the Operator is ensured through the implementation of legal, organizational, and technical measures necessary to fully comply with the current legislation on personal data protection.
8.1. The Operator ensures the confidentiality of personal data and takes all possible measures to prevent unauthorized access to personal data.
8.2. The User’s personal data will never, under any circumstances, be transferred to third parties, except in cases related to compliance with applicable laws or when the personal data subject has given the Operator consent to transfer the data to a third party to fulfill obligations under a civil contract.
8.3. If inaccuracies in personal data are identified, the User may update them independently by sending a notification to the Operator’s email address at
reappleagency@yandex.ru with the subject "Personal Data Update."
8.4. The period of personal data processing is determined by the achievement of the purposes for which the data were collected unless otherwise specified by a contract or applicable legislation.
The User may withdraw their consent to the processing of personal data at any time by sending a notification to the Operator’s email address at
reappleagency@yandex.ru with the subject "Withdrawal of Consent to Personal Data Processing."
8.5. All information collected by third-party services, including payment systems, communication tools, and other service providers, is stored and processed by those parties (Operators) in accordance with their User Agreements and Privacy Policies. The personal data subject is responsible for familiarizing themselves with such documents. The Operator bears no responsibility for the actions of third parties, including the service providers mentioned in this section.
8.6. Any restrictions imposed by the personal data subject on the transfer (except access), as well as on processing or the conditions of processing of publicly available personal data, do not apply when personal data is processed for state, public, or other legally significant interests as defined by Russian law.
8.7. The Operator ensures the confidentiality of personal data when processing them.
8.8. The Operator stores personal data in a form that allows the identification of the personal data subject for no longer than required by the purposes of processing, unless the storage period is established by federal law or by a contract to which the data subject is a party, beneficiary, or guarantor.
8.9. Grounds for terminating the processing of personal data may include the achievement of the purpose of processing, expiration of the subject’s consent, withdrawal of consent, request to terminate processing, or detection of unlawful processing of personal data.
9. List of Actions Performed by the Operator with Collected Personal Data9.1. The Operator performs the collection, recording, systematization, accumulation, storage, clarification (updating, modification), retrieval, use, transfer (distribution, provision, access), anonymization, blocking, deletion, and destruction of personal data.
9.2. The Operator carries out automated processing of personal data with or without the receipt and/or transmission of the obtained information via information and telecommunication networks.
10. Cross-Border Transfer of Personal Data10.1. Prior to carrying out activities related to the cross-border transfer of personal data, the Operator must notify the authorized body for the protection of the rights of personal data subjects of its intention to perform such transfer (this notification is submitted separately from the notification of intent to process personal data).
10.2. Before submitting the aforementioned notification, the Operator must obtain relevant information from the foreign government authorities, foreign individuals, or foreign legal entities to whom the cross-border transfer of personal data is planned.
11. Confidentiality of Personal DataThe Operator and other persons who have gained access to personal data are obligated not to disclose or distribute personal data to third parties without the consent of the personal data subject, unless otherwise provided by federal law.
12. Final Provisions12.1. The User may obtain any clarifications regarding the processing of their personal data by contacting the Operator via email at:
reappleagency@yandex.ru.
12.2. Any changes to the Operator’s personal data processing policy will be reflected in this document. This Policy remains in effect indefinitely until it is replaced with a new version.
12.3. The current version of the Policy is freely available on the Internet at:
https://3626.ae/privacy1.
12.4. Personal data processing is carried out using CallGear. Learn how CallGear uses data when you visit websites or apps of our partners here:
callgear.com/privacy-policy.