1. GENERAL PROVISIONS
1.1. This Policy regarding the processing of personal data (hereinafter referred to as the Policy) has been developed in pursuance of the requirements of paragraph 2 of part 1 of Art. 18.1 of the Federal Law of July 27, 2006 No. 152-FZ “On Personal Data” (hereinafter referred to as the Law on Personal Data) in order to ensure the protection of the rights and freedoms of a person and citizen in the processing of his personal data, including the protection of the rights to privacy, personal and family secrets. The policy establishes the procedure for processing personal data of site users: http://x9i.4a7.myftpupload.com
(hereinafter referred to as the Administration, Operator), and ensures compliance with the requirements for protecting the rights of citizens when processing personal data.
1.2. The Policy applies to all personal data processed by the Operator. The use of the site services means the User's unconditional consent to this Policy and the conditions for processing his personal information specified therein; in case of disagreement with these conditions, the User must refrain from using the services.
1.3. The Policy applies to relations in the field of personal data processing that the Operator has both before and after the approval of this Policy.
1.4. In pursuance of the requirements h. 2 Article. 18.1 of the Law on Personal Data, this Policy is published in the public domain on the Internet information and telecommunications network on the Operator's website.
2. BASIC CONCEPTS
2.1. For the purposes of this Policy, the following basic concepts are used:
site - a set of software and hardware for computers that provide the publication of data on the Internet for public viewing. The site is available at a unique email address or its letter designation. May contain graphic, textual, audio, video, and other information reproduced using a computer;
operator - a legal or natural person organizing and (or) carrying out the processing of personal data, as well as determining the purposes and content of the processing of personal data;
personal data - any information relating to an individual identified or determined on the basis of such information (subject of personal data), including his last name, first name, patronymic, year, month, date and place of birth, address, family, social, property status , education, profession, income, other information;
the subject of personal data in the context of this Policy is an individual who is a client - the User of the site: http://x9i.4a7.myftpupload.com
processing of personal data - actions (operations) with personal data, including collection, systematization, accumulation, storage, clarification (updating, changing), use, distribution (including transfer), depersonalization, blocking, destruction of personal data;
confidentiality of personal data - a mandatory requirement for an operator or other person who has gained access to personal data to prevent their distribution without the consent of the subject of personal data or other legal grounds;
dissemination of personal data - actions aimed at the transfer of personal data to a certain circle of persons or to familiarization with personal data of an unlimited number of persons, including the disclosure of personal data in the media, placement in information and telecommunication networks or providing access to personal data to any otherwise;
use of personal data - actions (operations) with personal data performed by the operator in order to make decisions or perform other actions that give rise to legal consequences in relation to the subject of personal data or other persons, or otherwise affect the rights and freedoms of the subject of personal data or other persons;
destruction of personal data - actions as a result of which it is impossible to restore the content of personal data in the personal data information system or as a result of which material carriers of personal data of employees are destroyed;
depersonalization of personal data - actions as a result of which it is impossible to determine the ownership of personal data by a specific subject of personal data;
blocking of personal data - temporary suspension of the collection, systematization, accumulation, use, distribution of personal data, including their transfer;
information system of personal data - a set of personal data contained in databases and information technologies and technical means that ensure their processing;
cross-border transfer of personal data - transfer of personal data to the territory of a foreign state to an authority of a foreign state, a foreign individual or a foreign legal entity;
publicly available personal data - personal data, access to which is granted to an unlimited number of persons with the consent of the subject of personal data or which, in accordance with federal laws, is not subject to the requirement of confidentiality.
2.2. Within the framework of this Policy, the User's personal information means:
2.2.1. Personal information that the User provides about himself independently when registering (creating an account) or in the process of using the Services, including the User's personal data. The information required for the provision of the Services is marked in a special way. Other information is provided by the User at his discretion.
2.2.2. Data that is automatically transmitted to the services of the Site in the course of their use using the software installed on the User's device, including IP address, cookie data, information about the User's browser (or other program that accesses the services), technical characteristics of the equipment and software used by the User, date and time of access to the services, addresses of the requested pages and other similar information.
2.2.3. Other information about the User, the processing of which is provided for by the Agreement on the use of the Site.
2.2.4. This Policy applies only to the site: http://x9i.4a7.myftpupload.com, does not control and is not responsible for third-party sites to which the User can follow the links available on the site: http://x9i.4a7. myftpupload.com.
3. PURPOSE OF PROCESSING USERS' PERSONAL INFORMATION
3.1. The Site collects and stores only that personal information that is necessary for the provision of services or the execution of agreements and contracts with the User, except when the legislation provides for the mandatory storage of personal information for a period specified by law.
3.2. The website processes the User's personal information for the following purposes:
3.2.1. Identification of the User registered on the site to conclude a real estate transaction.
3.2.2. Providing the User with access to the resources of the site.
3.2.3. Establishing feedback with the User, including sending notifications, requests regarding the use of the site, the provision of services, processing requests and applications from the User in order to conclude transactions with real estate.
3.2.4. Determining the location of the User to ensure security, prevent fraud.
3.2.5. Confirmation of the accuracy and completeness of personal data provided by the User.
3.2.6. Creating an account to study the demand for the purchase of real estate in foreign regions, if the User has agreed to create an account.
3.2.7. Notifications to the Site User about foreign real estate markets.
3.2.8. Providing the User with effective customer and technical support in case of problems related to the use of the site.
3.2.9. Implementation of advertising activities with the consent of the User.
4. BASIC RIGHTS AND OBLIGATIONS OF THE OPERATOR
4.1. The operator has the right:
independently determine the composition and list of measures necessary and sufficient to ensure the fulfillment of the obligations provided for by the Law on Personal Data and the regulatory legal acts adopted in accordance with it, unless otherwise provided by the Law on Personal Data or other federal laws;
entrust the processing of personal data to another person with the consent of the subject of personal data, unless otherwise provided by federal law, on the basis of an agreement concluded with this person. A person who processes personal data on behalf of the Operator is obliged to comply with the principles and rules for the processing of personal data provided for by the Law on Personal Data;
in the event that the subject of personal data withdraws consent to the processing of personal data, the Operator has the right to continue processing personal data without the consent of the subject of personal data if there are grounds specified in the Law on Personal Data.
4.2. The operator is obliged:
organize the processing of personal data in accordance with the requirements of the Law on Personal Data;
respond to requests and requests from personal data subjects and their legal representatives in accordance with the requirements of the Personal Data Law;
report to the authorized body for the protection of the rights of subjects of personal data (the Federal Service for Supervision of Communications, Information Technology and Mass Communications - Roskomnadzor) at the request of this body the necessary information within 30 days from the date of receipt of such a request.
4.3. Basic rights of the subject of personal data.
The subject of personal data has the right:
1) to obtain information about the Operator, its location, whether the Operator has personal data relating to the relevant subject of personal data, as well as to familiarize themselves with such personal data. The subject of personal data has the right to demand from the Operator the clarification of his personal data, their blocking or destruction if the personal data is incomplete, outdated, unreliable, illegally obtained or not necessary for the stated purpose of processing, as well as take measures provided by law to protect their rights .
Information about the availability of personal data must be provided to the subject of personal data by the Operator in an accessible form, and they should not contain personal data related to other subjects of personal data.
Access to your personal data is provided to the subject of personal data or his legal representative when applying or upon receipt of a request from the subject of personal data or his legal representative. The request must contain the number of the main document proving the identity of the subject of personal data or his legal representative, information about the date of issue of the specified document and the authority that issued it, and a handwritten signature of the subject of personal data or his legal representative. The request may be sent in electronic form and signed with an electronic digital signature in accordance with the legislation of the Russian Federation;
2) to receive, upon application or upon receipt of a request, information regarding the processing of his personal data, including containing:
confirmation of the fact of processing personal data by the Operator, as well as the purpose of such processing;
methods of processing personal data used by the Operator;
information about persons who have access to personal data or who may be granted such access;
a list of processed personal data and the source of their receipt;
terms of processing personal data, including the terms of their storage;
information about what legal consequences for the subject of personal data may entail the processing of his personal data;
3) withdraw consent to the processing of personal data, restrict the methods and forms of processing personal data, prohibit the dissemination of personal data without his consent;
4) appeal against the actions or inaction of the Operator to the authorized body for the protection of the rights of subjects of personal data or in court;
5) to protect their rights and legitimate interests, including compensation for losses and compensation for moral damage in court.
5. LEGAL BASIS FOR PROCESSING PERSONAL DATA
5.1. The legal basis for the processing of personal data is a set of regulatory legal acts, in pursuance of which and in accordance with which the Operator processes personal data, including:
the Constitution of the Russian Federation;
Civil Code of the Russian Federation;
other regulatory legal acts regulating relations related to the Operator's advertising activities, user agreement.
6. PROCESSING OF PERSONAL DATA
6.1. The processing of personal data is carried out by the Operator solely to achieve the goals defined by this Policy and the user agreement.
6.2. The processing of personal data by the Operator consists in obtaining, systematizing, accumulating, storing, clarifying (updating, changing), using, distributing, depersonalizing, blocking, destroying and protecting against unauthorized access.
6.3. The processing of personal data is carried out by automated processing.
6.4. The processing of the User's personal data can only be accessed by persons whose duties are directly related to access and work with the User's personal data.
6.5. In the event of a corresponding request from the subject of personal data, the Operator is obliged to make the necessary changes, destroy or block the relevant personal data upon the provision by the subject of personal data or his legal representative of information confirming that the personal data that relate to the relevant subject and processed by the Operator are incomplete, outdated, inaccurate, illegally obtained or not necessary for the stated purpose of processing. The Operator is obliged to notify the subject of personal data or his legal representative and third parties to whom the personal data of this subject were transferred about the changes made and the measures taken.
7. TRANSFER OF PERSONAL DATA
7.1. The transfer of personal data is carried out by the Operator only if it is necessary to fulfill the User Agreement or provide the User with certain Services with the consent of the User.
7.2. The transfer of personal data to third parties is carried out by the Operator only on the basis of the relevant agreement, the essential condition of which is the obligation of the third party to ensure the confidentiality of personal data and the security of personal data during their processing. This provision does not apply in case of depersonalization of personal data and in relation to publicly available personal data.
7.3. The transfer of personal data to state bodies is carried out within their powers in accordance with applicable law.
8. STORAGE OF PERSONAL DATA
8.1. Personal data is stored exclusively on electronic media (on servers) and processed using automated systems.
8.2. Upon reaching the goals of processing personal data, as well as in the event that the subject of personal data withdraws consent to their processing, personal data shall be destroyed if:
otherwise is not provided by the contract, the party to which, the beneficiary or the guarantor of which is the subject of personal data;
The operator is not entitled to process without the consent of the subject of personal data on the grounds provided for by the Law on Personal Data or other federal laws;
otherwise is not provided by another agreement between the Operator and the subject of personal data.
The destruction of the personal data of the subject is formalized by the relevant act on the termination of the processing of personal data.
9. ACCESS TO CUSTOMERS' PERSONAL DATA
9.1. Persons authorized by the Operator in accordance with the requirements of the law have the right to access the personal data of Users.
9.2. The access of the subject of personal data to his personal data is provided upon personal application or upon receipt of a written request. The operator is obliged to provide the subject of personal data with information about the availability of personal data about him, as well as provide an opportunity to familiarize himself with them within ten working days from the date of application.
10. PROTECTION OF USERS' PERSONAL DATA
10.1. Information containing the User's personal data placed on electronic media is subject to protection.
10.2. The Operator is obliged, when processing Users' personal data, to take the necessary organizational and technical measures to protect personal data from unauthorized or accidental access to them, destruction, modification, blocking, copying, distribution of personal data, as well as from other illegal actions.
10.3. The protection of Users' personal data stored in the Operator's electronic databases from unauthorized access, distortion and destruction of information, as well as from other illegal actions, is provided by the Operator's employees.
10.4. Protection of access to electronic databases containing personal data of Users is ensured by:
using anti-virus and other software and hardware to protect the perimeter of the internal network, preventing unauthorized access to the Operator's local network;
differentiation of access rights using an account.
10.5. All electronic applications containing personal data, including personal data information systems, folders and files containing personal data, are password protected.
10.6. Answers to written requests from authorized state bodies, other organizations and institutions about the personal data of Users are given only with the written consent of the subjects of personal data, unless otherwise provided by law. Answers are made in writing and in the amount that allows not to disclose the excessive amount of personal data.
11. RESPONSIBILITY FOR DISCLOSURE OF INFORMATION CONTAINING PERSONAL DATA OF THE USER
11.1. An operator who violates the rules governing the receipt, processing, protection of personal data shall bear administrative, civil or criminal liability in accordance with federal laws.