1.1. This Policy regarding the processing of personal data of users (Clients) of the website (hereinafter — the ‘Policy’)
was adopted by Dusol Limited Liability Company (hereinafter — the ‘Operator’ ).
The policy applies to the processing of personal data through
a website www.duslate.com
and administered by the Operator (hereinafter referred
to as the ‘Website’).
1.2 This Policy is developed in accordance with and taking into account the provisions of the Constitution of the Russian Federation, Federal Law of July 27, 2006 No. 149-FZ ‘On Information, Information Technologies and the Protection of Information’, Federal Law of July 27, 2006 No. 152-ФЗ ‘О personal data’, as well as other regulatory legal acts of the Russian Federation in the field of processing and protection of information and personal data.
1.3 This Policy contains information on the basic principles, purposes, procedure and conditions for the processing of personal data, as well as information on the requirements of the Operator to protect personal data processed by the Operator, and is intended to protect the rights and freedoms of personal data subjects in the processing of their personal data by the Operator.
1.4 This Policy is constantly published (posted) on the Website in order to ensure unlimited access to it.
1.5. The processing of personal data is carried out on the territory of the Russian Federation and in accordance with the legislation of the Russian Federation (hereinafter — the ‘Applicable Law’).
2.1. For the purposes of applying and interpreting this Policy, the basic terms defined below are used (unless otherwise specified in the Policy). In the text of the Policy, these terms can be indicated with a capital or small letter in the singular or plural.
Blocking of personal data — temporary termination of the processing of personal data (unless the processing is necessary to clarify personal data).
Online store — duslate.com website selling goods online and operated by Dusol LLC.
Information - information (messages, data) regardless of the form of their presentation.
Personal data information system — a set of personal data contained in databases and providing their processing of information technologies and technical means.
Client (User) — an individual with access to the Website via the Internet and using the website of the online store.
Personal data processing — any action (operation) or actions (operations) performed using automated tools or without using such tools with personal data, including collection, recording, systematization, storage, clarification (updating, modification), retrieval, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction of personal data.
Operator — LLC " Dusol" Tax Payer Identification Number 5010056107, Main State Registration Number 1195081025842, located at the address: Russia, 107564, Moscow, Krasnobogatyrskaya str.,2, bld.2, Floor 1, Entrance 28, Office 34.
Personal data — any information related to a specific customer (personal data subject).
Policy — this Policy of Dusol LLC regarding the processing of personal data of users on the website.
Providing personal data — actions aimed at the disclosure of personal data to a specific person or persons.
Applicable law — the legislation of the Russian Federation.
Distribution of personal data — actions aimed at the disclosure of personal data to other persons.
Website — an Internet site located at: www.duslate.com and administered by the Operator.
Collection of personal data is a process of obtaining personal data by the Operator directly from Users.
Personal data subject — an individual to whom personal data relates.
Feedback forms — web forms posted on the Website and designed to send electronic messages to the Operator.
Destruction of personal data — actions, as a result of which it becomes impossible to restore the content of personal data in the personal data information system and (or) as a result of which material carriers of personal data are destroyed.
Personal data storage — a process involving the finding of personal data in a systematic manner at the disposal of the Operator.
Cookies — a small piece of data sent by a web server and stored on the user’s computer. A web client (usually a web browser) each time you try to open the page of the corresponding Website sends this piece of data to the web server as part of an HTTP request. If you refuse to receive data, some functions of the Website may not work correctly.
the website of the online store, programs and products of the online store.
3.2. The use of the information provided only takes into account the needs and interests of the Client. Personal data is provided by the Client with the purpose of:
- making purchases (creating an account, providing technical support related to the use of the Website, notification of the status of the order, processing and receipt of payments);
- receiving news, information about products, events or services;
- participation in contests and questionnaires;
- receiving information about promotions.
3.4 The Operator’s policy regarding the processing of Users personal data on the Websites is that personal data should be processed only in cases established by law, based on the main areas of the Operator’s activities and taking into account the balance of interests of the Operator and the subjects of personal data. The processing of personal data by the Operator is subject to the need to protect the rights and freedoms of personal data subjects, including the protection of the right to privacy, personal and family secrets, based on the following principles:
- personal data is processed by the Operator lawfully and fairly;
- the processing of personal data is limited to the achievement of specific, predetermined and legitimate purposes;
- personal data processing incompatible with the purposes of collecting personal data is not allowed;
- it is not allowed to combine databases containing personal data, the processing of which is carried out for purposes incompatible with each other;
- only personal data subject to the purposes of their processing are subject to processing;
- the content and volume of the processed personal data is consistent with the stated processing purposes; redundancy of processed personal data in relation to the declared purposes of their processing is not allowed;
- when processing personal data, the accuracy of personal data, their adequacy, and, if necessary, and relevance in relation to the purposes of processing personal data are ensured. The operator takes the necessary measures (or ensures their adoption) to delete or clarify incomplete or inaccurate personal data;
- storage of personal data is carried out in a form that allows to determine the subject of personal data, no longer than what is required by the purpose of processing personal data, unless a different storage period for personal data is established by an agreement to which the subject of personal data is the beneficiary or guarantor. The processed personal data is destroyed upon the achievement of the processing purposes or in case of loss of the need to achieve these purposes, unless otherwise provided by law.
by the Client by filling out the registration form on the website of the online store and includes the following information:
4.1.1. surname, name, patronymic of the Client;
4.1.2. Customer contact telephone number;
4.1.3. email address (e- mail );
4.1.4. Goods delivery address;
4.2. The online store protects data that is automatically transmitted when viewing ad units and when visiting pages on which the system’s statistical script is installed (‘pixel’):
4.2.1. IP address (not used to identify the Client, the purpose of the collection is to identify and solve technical problems, control the legality of financial payments);
4.2.2. information from cookies;
4.2.3. information about the browser (or other program that provides access to the display of advertising);
4.2.4. access time;
4.2.5. address of the page on which the ad unit is located;
4.2.6. referrer (address of the previous page).
4.3 When developing Feedback Forms, the Operator ensures that the content and volume of processed personal data are consistent with the stated processing purposes.
4.4 The processing of special categories of personal data, in particular regarding race, nationality, criminal record, political views, religious or philosophical beliefs, is not carried out by the Operator. The biometric personal data of Users (for example, photographs) on the Website are not processed.
4.5 The Operator never collects personal data in secret from Users. The Website may use services for maintaining statistics of visits, determining the level of interest of visitors and other similar tools that collect and analyze only anonymized information (not personal data). The Website can automatically save cookies to users’ computers (small text files of a technical nature) that do not contain personal data and are not used to identify the user. If the User does not want to save the specified files to his computer, he can at any time change the browser settings and delete already saved files using the standard browser functionality.
5.1. The legal basis for the processing of personal data by the Operator is a set of legal acts, pursuant to which and
in accordance with which the Operator processes personal data and protects the rights of personal data subjects.
5.2 The legal basis for the processing of personal data using the Website include the following legislation of the Russian Federation: Article 10 of the Federal Law of July 27, 2006 No. 149-FZ ‘On Information, Information Technologies and the Protection of Information’, Art. 18 of the Federal Law of March 13, 2006 No. 38-FZ ‘On Advertising’, subparagraphs 1 and 5 of part 1 of article 6, part 3 of article 14 of the Federal Law of July 27, 2006 No. 152-FZ of ‘On personal data’ and other provisions of regulatory legal acts depending on the specific purposes of processing.
6.1. Processing of personal data on the Website is carried out using methods using and without using automation tools for the time required to achieve the processing purposes.
A condition for terminating the processing of personal data by the Operator may be the achievement of the purposes of their processing, the revocation of the consent of the personal
data subject to the processing of his personal data, the termination of the Operator’s activities, ceasing operation of the Website or the modification of its functionality.
6.2 Using the functionality of the Website, the Operator collects, records, extracts and uses the personal data of Users. If necessary, the Operator may carry out cross-border transfer of personal data to the extent established by the Applicable Law. The operator checks whether the state on whose territory personal data is transferred ensures adequate protection of the rights of personal data subjects before the cross-border transfer of personal data begins.
6.3 Other operations with personal data, including storage, are carried out without using the Website and are regulated by the Operator’s internal documents.
6.4 In order to carry out communications with Users, the Operator ensures the functioning of the Feedback Forms and the processing of requests received through them. Appeals are not stored on the Websites, but are received by authorized employees of the Operator for subsequent work. In this case, the Operator processes only personal data entered by Users in the corresponding fields of the Feedback Forms. For example, such data may be (depending on the specific Feedback Form): full name; Contact details; data specified in the message; and others. Response to User requests is carried out by the Operator’s employees without using the functionality of the Website.
6.5 The functionality of the Website supports mailing for Users. The subject matter of the messages is determined by the choice of the User and may include advertising, news, reference information and other materials. At the Operator’s discretion, mailings can be made using or without the use of Users personal data , namely:
6.5.1 by decision of the Operator and subject to the consent of the Users, personal data (for example, name, contact details, positions, names of employing organizations and others) may be collected through the appropriate web-based mailing form and used to personalize the newsletter, send targeted advertising and other similar tasks;
6.5.2 distribution without the use of personal data is carried out only at the email addresses that Users indicate in the corresponding web form. At the same time, no other information relating to a directly or indirectly determined or determined individual is requested or collected.
6.6 Using the Website, Users can register for an informational or marketing event. For registration, name, contact details, position and other personal data may be processed. After sending the application for registration, the User can receive a confirmation or refusal to register by e-mail or by phone.
6.7 To use the personal account, Users who are the Operator’s customers go through the registration procedure, during which, using the Feedback Form, they inform the Operator the name, contact details (in terms of email address), username and password selected by the User, and other personal data.
6.8 In all cases, the processing of personal data by the Operator is carried out with the consent of the Users, unless otherwise provided by the legislation of the Russian Federation.
6.9 In order to achieve the stated processing purposes, the Operator may disclose personal data to third parties, including its affiliated companies, as well as entrust the processing of personal data to other parties on the basis of an agreement containing confidentiality conditions and other mandatory provisions prescribed by Applicable law.
6.10 When collecting personal data, the Operator always proceeds from the following:
- all personal data belongs only to the User who has filled out the Feedback Form (entering personal data of another person is prohibited);
- the user has reached the age of 18 and is capable;
- the user has provided reliable and relevant personal data.
- the Operator can contact the User and ask him to clarify personal data before considering the User's message on the merits if there are doubts about the fulfillment of the above conditions. 6.11 When collecting personal data, the Operator shall record, systematize, store, clarify (update, change), extract personal data of citizens of the Russian Federation using databases located on the territory of the Russian Federation.
6.12 Users personal data is confidential information in accordance with Applicable Law. The operator takes measures necessary and sufficient to ensure the fulfillment of the obligations stipulated by the legislation of the Russian Federation in the field of personal data. If necessary, the Operator performs the following measures aimed at protecting the rights of subjects of personal data:
- the appointment by the Operator of the person responsible for organizing the processing of personal data;
- publication by the Operator of documents defining the operator’s policy regarding the processing of personal data, local acts on the processing of personal data, as well as local acts establishing procedures aimed at preventing and detecting violations of the legislation of the Russian Federation, eliminating the consequences of such violations;
- application of legal, organizational and technical measures to ensure the security of personal data in accordance with the legislation of the Russian Federation in the field of personal data;
- internal control and (or) audit of the compliance of personal data processing with the legislation of the Russian Federation in the field of personal data and regulatory legal acts adopted in accordance with it, requirements for the protection of personal data, the Operator’s policy regarding the processing of personal data, local acts of the Operator;
- assessment of the harm that may be caused to personal data subjects in case of violation of the legislation of the Russian Federation in the field of personal data, the ratio of the specified harm and the measures taken by the Operator aimed at ensuring the fulfillment of obligations stipulated by the legislation of the Russian Federation in the field of personal data;
- familiarization of the Operator’s employees directly processing personal data with the provisions of the legislation of the Russian Federation in the field of personal data, including requirements for the protection of personal data, documents defining the Operator’s policy regarding the processing of personal data, local acts on the processing of personal data, and (or) training of these employees;
- providing unrestricted access to the document defining the policy regarding the processing of personal data, to information on the ongoing requirements for the protection of personal data, including the publication of this Policy on the Website.
- identifying threats to the security of personal data when they are processed in personal data information systems;
- the application of organizational and technical measures to ensure the security of personal data when they are processed in personal data information systems necessary to fulfill the requirements for the protection of personal data, the implementation of which ensures the levels of personal data security established by the Government of the Russian Federation;
- the use of the procedures for assessing the conformity of information protection facilities that have passed in the established manner;
- assessment of the effectiveness of measures taken to ensure the security of personal data prior to the commissioning of personal data information systems;
- accounting of machine carriers of personal data;
- detection of unauthorized access to personal data and taking measures;
- restoration of personal data modified or destroyed due to unauthorized access to them;
- establishing rules for access to personal data processed in personal data information systems, as well as ensuring registration and accounting of all actions performed with personal data in personal data information systems;
- control over measures taken to ensure the security of personal data and the level of security of personal data information systems.
- organization of a security regime for the premises in which the information system is located that prevents unauthorized access or staying in these premises of persons who do not have the right of access to these premises;
- ensuring the safety of personal data carriers;
- approval by the CEO of the Operator of a document defining a list of persons whose access to personal data processed in information systems is necessary for them to perform official (labor) duties.
- use of means of protection of personal data that have passed the procedure for assessing compliance with the requirements of the legislation of the Russian Federation in the field of personal data protection, in the case when the use of such means is necessary to eliminate revealed threats;
- appointment of an officer (employee) responsible for ensuring the security of personal data in the information systems of the Operator.
7. RIGHTS AND OBLIGATIONS OF PERSONAL DATA SUBJECTS
7.1 The user of the Website has the right to:
- obtaining information regarding the processing of his personal data, including access to his personal data and obtaining a copy of any record containing his personal data, except as otherwise provided by the legislation of the Russian Federation;
- clarification of their personal data, their blocking or destruction in cases established by law;
- appeal of actions (inaction) of the Operator in the competent authorities;
- protection of rights and legitimate interests in a judicial or other manner prescribed by law;
- withdraw his consent to the processing of personal data;
- exercise other rights provided for by the legislation of the Russian Federation in the field of personal data.
- not to disclose to third parties the login and password used by him for identification on the website of the online store.
- Observe due diligence when storing a password when entering it.
- when registering on the website of the online store, use complex combinations of characters to create a username / password.
- do not provide a third-party computer device for use if free access to the Client’s personal account is possible from it.
8. UPDATING, CORRECTING, DELETING AND DELETING PERSONAL DATA
8.1 In case of confirmation of the inaccuracy of personal data or the illegality of their
processing, personal data may be updated by the Operator, or their processing is terminated by the Operator.
8.2 Upon achievement of the purposes of processing personal data, as well as in the event that the subject of personal data withdraws consent to their processing, personal data shall be destroyed, except in cases established by Applicable law.
9. ANSWERS TO REQUESTS AND REQUESTS
9.1 The Operator seeks to ensure maximum transparency in the processing of personal data and prompt response to requests and requests from Users, the Authorized
body for the protection of the rights of personal data subjects and other public authorities.
9.2 Requests, appeals and other messages regarding the inaccuracy of personal data, the illegality of their processing, revocation of consent, access of the personal data subject to his data, as well as any other matters relating to the processing and protection of personal data, should be sent by e-mail: email@example.com.
10. FINAL PROVISIONS
10.1 The Operator is responsible to the customer in cases provided by applicable law.
10.2 The Operator is exempt from liability in cases where information about the Customer:
- became public before its loss or disclosure.
- was received from a third party until it was received by the Operator.
- was disclosed with the consent of the Client.
10.4. This Policy comes into force from the moment it is published (posted) on the Operator’s Website and is valid indefinitely (until it is canceled or replaced with a new version of the Policy).
10.5 The Operator has the right to unilaterally make changes and (or) additions to this Policy. The new version of the Policy comes into force from the moment it is published (posted) on the Operator’s Website, unless otherwise provided by the new version of the Policy. In case of changes affecting the rights of Users, the Operator has the right to send information about these changes to Users by their contact information or notify them of the changes in another way.
10.6 In the event of a dispute related to the application or observance of this Policy, the Operator and the relevant subject of personal data will make every effort to resolve it through negotiations and (or) mutual compromises. Claim procedure is mandatory. The term for consideration of a written claim is 30 (thirty) days from the date of its receipt. In the event that the conflict is not resolved through negotiations and (or) mutual compromises, the dispute shall be resolved in the manner established by the current legislation of the Russian Federation.