10: 00-20: 00, every day
5/5  Yandex.Market
+7 (495) 108 02 72

Cart 0 $
add product here

Personal Data Processing Policy

1. Purpose and scope of the document

1.1. The policy of MIR LLC (hereinafter also referred to as the Company) regarding the processing of personal data (hereinafter referred to as the Policy) defines the position and intentions of the Company in the field of processing and protection of personal data, in order to respect and protect the rights and freedoms of every person and, in particular, the right to privacy, personal and family secrets, the protection of one's honor and good name.

1.2. The Policy applies to all personal data of subjects processed in the Company with the use of automation tools and without the use of such tools.

1.3. Any subject of personal data has access to this Policy.

2. Definitions

2.1. Personal data - any information related directly or indirectly to a specific or identifiable individual (citizen). I.e., such information, in particular, may include: full name, year, month, date and place of birth, address, information about family, social, property status, information about education, profession, income, information about health status, as well as other information.

2.2. Personal data processing - any action (operation) or a set of actions (operations) with personal data performed with or without the use of automation tools. Such actions (operations) include: collection, receipt, recording, systematization, accumulation, storage, clarification (update, change), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction of personal data.

3. Principles and conditions of personal data processing

3.1. By personal data security, the Company understands the protection of personal data from unauthorized or accidental access to it, destruction, modification, blocking, copying, provision, distribution of personal data, as well as from other illegal actions in relation to personal data and takes the necessary legal, organizational and technical measures to protect personal data.

3.2. Processing and ensuring the security of personal data in the Company is carried out in accordance with the requirements of the Constitution of the Russian Federation, Federal Law No. 152-FZ "On Personal Data", by-laws, other federal laws of the Russian Federation defining the cases and features of personal data processing, guidelines and methodological documents of the FSTEC of Russia and the FSB of Russia.

3.3. When processing personal data, the Company adheres to the following principles:

  • legality and a fair basis;
  • restrictions on the processing of personal data for the achievement of specific, pre-defined and legitimate purposes;
  • preventing the processing of personal data that is incompatible with the purposes of collecting personal data;
  • preventing the integration of databases containing personal data, the processing of which is carried out for purposes that are incompatible with each other;
  • processing of personal data that meets the purposes of their processing;
  • content matches.

3.4. The Company processes personal data only if at least one of the following conditions is met:

  • the processing of personal data is carried out with the consent of the personal data subject to the processing of his personal data;
  • the processing of personal data is necessary for the achievement of the purposes provided for by law, for the implementation and performance of the functions, powers and duties assigned to the operator by the legislation of the Russian Federation;
  • the processing of personal data is necessary for the performance of a contract to which the subject of personal data is a party or beneficiary or guarantor, as well as for the conclusion of a contract on the initiative of the subject of personal data or a contract under which the subject of personal data will be a beneficiary or guarantor;
  • the processing of personal data is necessary for the exercise of the rights and legitimate interests of the Company or third parties or for the achievement of socially significant goals, provided that the rights and freedoms of the personal data subject are not violated;
  • the processing of personal data is carried out, the access of an unlimited number of persons to which is provided by the subject of personal data or at his request;
  • personal data subject to publication or mandatory disclosure in accordance with federal law is processed.

3.5. The Company has the right to entrust the processing of personal data of citizens to third parties, on the basis of a contract concluded with these persons. Persons who process personal data on behalf of the Company undertake to comply with the principles and rules for the processing and protection of personal data provided for by Federal Law No. 152-FZ "On Personal Data". For each person, a list of actions (operations) with personal data that will be performed by a legal entity that processes personal data, the purposes of processing, the obligation of such a person to maintain confidentiality and ensure the security of personal data during their processing, as well as the requirements for the protection of processed personal data are specified.

3.6. In cases established by the legislation of the Russian Federation, the Company has the right to transfer personal data of citizens.

3.7. For information purposes, the Company may create publicly available sources of personal data of employees, including reference books and address books. Publicly available sources of personal data may include the employee's last name, first name, patronymic, date and place of birth, position, contact phone numbers, and email address with the employee's consent. Information about an employee must be excluded from publicly available sources of personal data at any time at the request of the employee or by a court decision or other authorized state bodies.

3.8. The Company destroys or depersonalizes personal data when the purposes of processing are achieved or when it is no longer necessary to achieve the purpose of processing.

4. Rights of the personal data subject

A citizen whose personal data is processed by the Company has the right to:

  • receive from the Company:
    • confirmation of the fact of processing of personal data by the Company;
    • legal grounds and purposes of personal data processing;
    • name and location of the Company;
    • information about persons who have access to personal data or to whom personal data may be disclosed on the basis of a contract with the Company or on the basis of a federal law;
    • the list of processed personal data related to the citizen from whom the request was received and the source of their receipt, unless a different procedure for
    • providing such data is provided for by federal law;
    • information about the terms of processing of personal data, including the terms of their storage;
    • information on the procedure for exercising the rights provided for by the Federal Law" On Personal Data " No. 152-FZ;
    • name and address of the person who processes personal data on behalf of the Company;
    • other information provided by the Federal Law" On Personal Data " No. 152-FZ or other federal laws;
  • request clarification of their personal data, their blocking or destruction if the personal data is incomplete, outdated, inaccurate, illegally obtained or is not necessary for the stated purpose of processing;
  • withdraw your consent to the processing of personal data;
  • demand the elimination of illegal actions of the Company in relation to his personal data;
  • appeal against the actions or omissions of the Company to the Federal Service for Supervision of Communications, Information Technologies and Mass Communications (Roskomnadzor) or in court if a citizen believes that the Company processes his personal data in violation of the requirements of Federal Law No. 152-FZ "On Personal
  • Data" or otherwise violates his rights and freedoms;
  • to protect their rights and legitimate interests, including compensation for damages and / or compensation for non-pecuniary damage in court.

5. Measures to ensure the security of personal data during their processing

5.1. When processing personal data, the Company takes the necessary legal, organizational and technical measures to protect personal data from unauthorized or accidental access to it, destruction, modification, blocking, copying, provision, distribution of personal data, as well as from other illegal actions in relation to personal data.

5.2. Such measures in accordance with Federal Law No. 152-FZ "On Personal Data" include:

  • identification of threats to the security of personal data during their processing in personal data information systems;
  • application of organizational and technical measures to ensure the security of personal data during their processing in personal data information systems, necessary to meet the requirements for the protection of personal data, the implementation of which ensures the levels of personal data protection established by the Government of the Russian Federation;
  • the use of information security tools that have passed the compliance assessment procedure in accordance with the established procedure;
  • evaluation of the effectiveness of the measures taken to ensure the security of personal data prior to the commissioning of the personal data information system;
  • detection of unauthorized access to personal data and taking measures;
  • recovery of personal data modified or destroyed as a result of unauthorized access to them;
  • establishing rules for access to personal data processed in the personal data information system, as well as ensuring the registration and accounting of all actions performed with personal data in the personal data information system;
  • control over the measures taken to ensure the security of personal data and the level of security of personal data information systems;
  • accounting for machine-based personal data carriers;
  • organization of access control to the Company's territory;
  • placement of technical means of personal data processing within the protected area;
  • maintenance of technical means of protection, alarm systems in constant readiness;
  • monitoring of user actions, conducting proceedings on violations of personal data security requirements

Have you watched recently