Privacy

POLICY on personal data protection and information about the requirements applicable to the protection of personal data

By entering your data on the website of “Oktell”, LLC at http://www.oktell24.ru (hereinafter referred to as the Website), you agree with this Privacy Policy relating to the processing of personal data and information about the requirements applicable to the protection of personal data (hereinafter referred to as the Policy).

  1. General Information

1.1. This Policy is an official document of the Limited Liability Company Oktell, OGRN (Primary State Registration Number): 5147746189179, INN (Taxpayer Identification Number): 7701409620 (hereinafter referred to as the Company) located at: 105082, Moscow, Bakuninskaya street, 41, building 1, (hereinafter referred to as the Website Administration), and determines the procedure for processing and protecting information about individuals (hereinafter referred to as the Users) that use the services of the Website.

1.2. The purpose of this Policy is to protect human and civil rights and freedoms while processing their personal data, including protection of privacy rights, personal and family secrets.

1.3. Relations involving collection, storage, distribution and protection of information about users of the Website are governed by this Policy, other documents of the Company and the current legislation of the Russian Federation.

1.4. This Policy applies to the activities of all branches of the Company involved in the processing of personal data.

1.5. Pursuant to the provisions of para. 2 of Art. 18.1 of the Federal Law “On Personal Data” this Policy shall be posted on the official website of the Company. The Website Administration shall notify the users on the amendments to the Policy by posting a new version of the Policy on the Website.

1.6. Should the User disagree with the terms of the Policy, the use of the Website and its applications shall be terminated immediately.

  1. Terms of Use of the Website

2.1. Providing services for the use of the Website (hereinafter referred to as the Website Services), the Website Administration, acting in a reasonable manner and in good faith, believes that the User:

  • has all the necessary rights to enable him/her to fill in forms and use this Website;
  • indicates reliable information about himself/herself in the amounts necessary for using the Services of the Website;
  • has read this Policy, expresses his/her consent herewith by ticking the box in the line “I agree to the processing of personal data” of the appropriate form on the Website, assumes the rights and duties indicated herein and confirms that by giving such consent he/she acts freely, on his/her own volition and interest.

2.2. The Website Administration is not obliged to verify the reliability of the received (collected) information about users, except for the cases when such verification is needed to fulfill the obligations of the Website Administration to the User. To verify data submitted by the User, the Website Administration reserves the right to request proof of identity either online or offline.

2.3 The Website may contain links to other websites. The Website is not responsible of the content, quality and security policy of these websites.

  1. Data Processing Purposes

3.1. The Website Administration processes personal data for the following purposes:

- identification of the User as part of provision of services by the Company;

- remote interaction between the Company and the customers and other interested parties as part of service and information support through the use of e-mail, the Company's Website in the Internet  including by sending a notice, requesting information concerning services and provision thereof;

- providing the User with services available for use on the Website.

  1. Composition of information about users

4.1. Personal data of Users include the minimum required data of Users required for filling in the forms on the Website, such as: first name, telephone number, and e-mail.

4.2. The Website Administration also processes other information about Users, which includes:

4.2.1. standard data automatically received by http server when accessing the Website and subsequent actions of the User (host IP address, user's operating system type, pages of the Website visited by the User).

4.2.2. information automatically obtained when accessing the Website using bookmarks (cookies).

  1. Processing user information

5.1. Personal data are being processed on the basis of principles of: a) legitimacy of the purposes and personal data processing procedures; b) good faith; c) coherence of the purposes of processing personal data with the purposes predetermined and claimed in the collection of personal data, as well as the authority of the Website Administration; d) alignment of the amount and nature of the processed personal data, and personal data processing procedures with the purposes of personal data processing; e) inadmissibility of combining the databases created for incompatible purposes of the database containing personal data.

5.2. The User’s personal data are collected on the Website when he/she fills in the “Call Back” / Contact Us” forms. Personal data provided for in para. 4.1 of this Policy shall be provided by the User and are the minimum required ones.

5.3. If there is a function of registration of the User account on the Website and passing thereof, the User who specified personal and contact information on the Website, will receive a message and / or a notification confirming the success of the procedure.

5.4. Personal data of Users are stored exclusively on electronic carriers and processed using automated systems, except for the cases when manual processing of personal data is required in connection with the implementation of legal requirements.

5.5. Personal data of Users are not transferred to any third parties, except for the cases directly provided by this Policy or federal legislation. When specifying the User, or when the Users gives his/her consent, transfer of the User's personal data to third parties that are counterparties of the Company, is possible, provided such counterparties assume obligations to ensure the confidentiality of information received. Disclosure of Users’ personal data at the request of the state bodies (local government authorities) is carried out in the manner provided by the legislation.

5.6. Part of the User's personal information may be provided to the bank or payment system if the provision of this information is required by the procedure for transferring funds to the payment system whose services the User wishes to use on the Website.

5.7. The Company set the following conditions for the termination of the processing of personal data:

  • achieving goals of personal data processing and maximum storage periods;
  • loss of the need to achieve the goals of personal data processing;
  • submission by the User or his/her legal representative of documented evidence that the personal data have been illegally obtained or are not required for the claimed purpose of processing;
  • inability to ensure the legality of processing personal data;
  • withdrawal of consent by the User to process his/her personal data, if retention of personal data is no longer needed for the processing of personal data;
  • expiry of the limitation period for legal relations within which personal data have been or are being processed.
  1. User Rights

6.1. The Users shall be entitled:

6.1.1. to require the Website Administration to change and clarify their personal data, block or destroy them if such data are incomplete, outdated, unreliable, illegally obtained or not required for the claimed purpose of processing, or if it is impossible to perform such actions with no assistance;

6.1.2. on the basis of a request to receive information from the Website Administration, as related to processing of their personal data.

6.1.3. at any time, to stop receiving newsletters by subscription, using the relevant service on the Website, if any, or by sending an e-mail at .

  1. Information about the requirements applicable to the protection of personal data

7.1. Protection of the Users’ personal data processed by the Company, is ensured by way of implementation of legal, organizational and technical measures necessary and sufficient to ensure the enforcement of legal requirements in the field of personal data protection.

7.2. Legal measures include:

  • development of the Company’s by-laws implementing the requirements of the legislation of the Russian Federation, including this Policy, and posting it on the Website;
  • refusal of any means of processing personal data that do not comply with the purposes defined in this Policy.

7.3. Organizational measures include:

  • appointment of the person responsible for the organization of personal data protection;
  • assignment of responsibility to the business units of the Company for ensuring the safety of personal data in information systems;
  • internal control and / or audit of compliance of personal data processing with the provision of the Federal law No. 152-FZ "On Personal Data" dated 27.07.2006 and enactments adopted in its connection, requirements for the protection of personal data, the Company's Policy for the processing of personal data, and the Company’s bylaws;
  • limitation of number of the Company’s employees that have access to personal data, and establishment of an authorization system for access to them;
  • familiarization of the Company's employees with the provisions of the legislation of the Russian Federation on personal data, including requirements for the protection of personal data, with this Policy, other bylaws of the Company related to personal data processing;
  • training of all categories of employees who process personal data, the rules of handling them and ensuring the safety of the data being processed;
  • definition of duties in the job descriptions of the Company’s employees to ensure the safety of processing personal data and the responsibility for violation of the established procedure;
  • regulation of processes of processing personal data;
  • accounting of tangible carriers of personal data and their storage, in order to prevent their stealing, substitution, unauthorized copying and destruction;
  • placement of technical means for processing personal data within the protected area;
  • limiting the entry of unauthorized persons to the premises of the Company, preventing them from being in the premises, where personal data are being handled and technical means of their processing are placed, without control by the Company's employees.

7.4. Technical measures include:

  • the development, on the basis of a threat model, of a personal data protection system that ensures established levels of protection of personal data;
  • the use of information protection tools that have passed the conformity assessment procedure with the purpose of neutralizing the current threats;
  • the evaluation of the effectiveness of measures taken to ensure the safety of personal data;
  • the implementation of an authorization system ensuring access of employees to personal data processed in information systems, software, hardware and software for information protection;
  • registration of actions with personal data of Users of information systems where personal data are processed;
  • detection of malwares (using the AV Software) on all nodes of the Company's information network, that provide the appropriate technical feasibility;
  • detection of intrusions into the Company’s information system that violate or create prerequisites for violation of the established requirements for ensuring the safety of personal data;
  • restoration of personal data, modified or destroyed due to an unauthorized access (backup and recovery of personal data);
  • periodic monitoring of user actions, investigations of violations of requirements for the safety of personal data.
  1. Users’ Inquiries

8.1. Users shall be entitled to send their inquiries to the Website Administration, including those relating the use of their personal data, in the form of an electronic document bearing a qualified electronic signature in accordance with the legislation of the Russian Federation, to the e-mail address indicated on the Website.

8.2. The inquiry send by the user shall contain the following information: - number of the main identity document of the user or his/her representative; - information on the document issue date and the issuing authority; - information confirming the relationship between the user and the operator (including, the user's serial number, user id, the signature of the user or his/her representative).

8.3. All correspondence received by the Website Administration from the users (inquiries in written or in electronic form) refers to restricted information and shall not be disclosed without the written consent of the User. Personal data and other information about the User who sent the inquiry, cannot be used without the special consent of the User, otherwise than to respond to the subject of the received inquiry, or except for the cases directly provided by law.

 

Updated on 25.10.2017

CONTACT US

Do you have questions?
We will be happy to answer them.