PERSONAL DATA PROCESSING POLICY
1. GENERAL PROVISIONS This Personal Data Processing Policy is drawn up in accordance with Federal Law No. 152-FZ of July 27, 2006 “On Personal Data” (hereinafter referred to as the Personal Data Law) and defines the procedure for processing personal data and measures to ensure the security of personal data undertaken by Alexey Andrienko (hereinafter referred to as the Operator).
1.1. The Operator considers compliance with the rights and freedoms of individuals and citizens when processing their personal data as one of its most important objectives, including the protection of the rights to privacy, personal and family confidentiality.
1.2. This Policy applies to all information that the Operator may obtain about visitors to the website https://alexey-andrienko.com/.
2. BASIC TERMS USED IN THE POLICY
2.1. Automated processing of personal data — processing using computer technology.
2.2. Blocking of personal data — temporary suspension of data processing (unless necessary to clarify the personal data).
2.3. Website — a set of graphic and information materials, as well as software and databases, accessible via the Internet at https://alexey-andrienko.com/.
2.4. Personal data information system — a set of personal data contained in databases and processed using information technologies and technical means.
2.5. Depersonalization of personal data — actions that make it impossible to determine the identity of the personal data subject without additional information.
2.6. Processing of personal data — any operation or set of operations performed with or without automation tools, including collection, recording, systematization, accumulation, storage, clarification, retrieval, use, transfer, depersonalization, blocking, deletion, or destruction of personal data.
2.7. Operator — a legal or natural person, public or municipal body that organizes or performs the processing of personal data and determines the purposes and scope of processing.
2.8. Personal data — any information relating directly or indirectly to a specific or identifiable user of the website https://alexey-andrienko.com/.
2.9. Personal data allowed for distribution — personal data provided by the subject for open access by giving consent in accordance with the Personal Data Law.
2.10. User — any visitor to the website https://alexey-andrienko.com/.
2.11. Provision of personal data — actions aimed at disclosing personal data to a specific person or group. 2.12. Distribution of personal data — actions aimed at disclosing personal data to an indefinite number of persons or making it available through mass media or telecommunication networks. 2.13. Cross-border transfer of personal data — transfer of personal data to a foreign country, foreign legal entity, or foreign individual.
2.14. Destruction of personal data — actions resulting in the irreversible elimination of personal data with no further possibility of recovery.
3. RIGHTS AND OBLIGATIONS OF THE OPERATOR
3.1. The Operator has the right to: – obtain accurate information and/or documents containing personal data from the subject; – continue processing personal data without the subject’s consent if there are legal grounds under the Personal Data Law, even after consent is withdrawn; – independently determine the composition and list of measures necessary to fulfill obligations under the Personal Data Law, unless otherwise specified by law.
3.2. The Operator is obliged to: – provide information about the processing of personal data upon the subject’s request; – organize processing in accordance with the current legislation of the Russian Federation; – respond to inquiries from data subjects or their representatives; – provide information to the authorized data protection body within 10 days upon request; – publish or otherwise ensure unrestricted access to this Policy; – implement legal, organizational, and technical measures to protect data from unauthorized access, alteration, destruction, or dissemination; – cease data transfer and destroy personal data under the circumstances provided by law; – fulfill other duties stipulated by the Personal Data Law.
4. RIGHTS AND OBLIGATIONS OF PERSONAL DATA SUBJECTS
4.1. Subjects have the right to: – access information about their personal data processing, except in cases stipulated by law; – request correction, blocking, or deletion of inaccurate or unlawfully obtained data; – require prior consent for processing data for marketing purposes; – withdraw consent and request termination of processing; – appeal unlawful actions or inaction in court or with the supervisory authority; – exercise other rights granted by law.
4.2. Subjects must:
– provide accurate personal information to the Operator; – inform the Operator about updates or changes to their data.
4.3. Persons who submit false data or data about others without consent are liable under Russian law.
5. PRINCIPLES OF PERSONAL DATA PROCESSING
5.1. Processing must be lawful and fair.
5.2. Processing is limited to specific, lawful purposes.
5.3. Combining databases with incompatible purposes is prohibited.
5.4. Only data relevant to processing goals is permitted.
5.5. The scope of processed data must not exceed the stated purposes.
5.6. Accuracy and relevance of data must be ensured, with corrections made when needed.
5.7. Data is stored no longer than necessary and destroyed or anonymized when no longer required.
6. PURPOSE OF PERSONAL DATA PROCESSING Purpose: To provide the User with access to services, content, or materials on the website. Personal Data: Full name, email address, phone number. Legal Basis: Operator’s charter documents, agreements between Operator and data subject.
Types of Processing: Collection, storage, anonymization, deletion, and sending informational emails.
7. CONDITIONS FOR PERSONAL DATA PROCESSING
7.1–7.7: Processing is based on consent, legal obligations, contract execution, legal interest, public access, and mandatory disclosure as required by law.
8. PROCEDURE FOR COLLECTION, STORAGE, AND TRANSFER Data security is ensured via legal, organizational, and technical measures.
8.1–8.9: Data is kept secure, not shared without consent (except by law), subject to correction and deletion upon request, and third-party processors must follow their own privacy policies.
9. DATA HANDLING ACTIONS The Operator may collect, store, update, retrieve, use, transfer, anonymize, block, delete, and destroy data. Automated processing may involve telecommunication networks.
10. CROSS-BORDER DATA TRANSFER The Operator must notify the authority prior to any cross-border transfer and obtain assurances from foreign entities.
11. CONFIDENTIALITY The Operator and any party with access to personal data must not disclose it without the subject’s consent, unless required by law.
12. FINAL PROVISIONS
12.1. Users may contact the Operator at privacy@thismywebsite.com for clarification.
12.2. Changes to the Policy will be reflected in this document.
12.3. The current version is publicly available at https://alexey-andrienko.com/privacy