We respect your legitimate rights and interests provided for by Russian law, and in accordance with it, as well as with other applicable legislative and subordinate regulations and orders, we bring to your attention the differentiation of rights and obligations between you, personal data subjects, during the period of your stay on our website and by us, the Administration of the advparitet.com website, acting in accordance with Russian law as the Operator.

1. GENERAL PROVISIONS

1.1 This document defines the policy regarding the processing of personal data.

1.2 This Policy has been developed in pursuance of the requirements of paragraph 2 of part 1 of Article 18.1 of the Federal Law dated 27.07.2006 No. 152-ФЗ «On Personal Data» in the current edition (hereinafter referred to as the Personal Data Law), checked and properly approved by the order of the legal entity that is the owner of the site advparitet.com (hereinafter also referred to as the Site) – limited liability company “Law Firm “Paritet”, accompanied by a package of necessary orders, instructions and authorizations for responsible employees and other persons. Policy updated July 8^th, 2020

1.3 The concepts contained in Article 3 of the Personal Data Law are used in this Policy with identical meaning.

1.4 This Policy applies to all operations performed by the Operator with personal data using special computer equipment and software or without their use, including manually, using existing means of communication.

1.5 Basic rights and obligations of the Operator.

1.5.1 The Operator has the right:

1.5.1.1 receive from the Personal Data Subject reliable and up-to-date information and / or documents containing personal data;

1.5.1.2. require the Personal Data Subject to timely clarify the provided personal data.

1.5.2 The Operator is obliged:

1.5.2.1 process personal data in the manner prescribed by the current legislation of the Russian Federation;

1.5.2.2 consider the appeals of the subject of personal data (his legal representative) on the processing of personal data and give reasoned answers;

1.5.2.3 provide the subject of personal data (his legal representative) with the opportunity of free access to his personal data;

1.5.2.4 take measures to clarify, destroy the personal data of the subject of personal data in connection with his (his legal representative) appeal with legal and reasonable demands;

1.5.2.5 to protect personal data from unauthorized access and leakage in accordance with the requirements of the legislation of the Russian Federation.

1.6 Basic rights and obligations of Personal Data Subjects:

1.6.1 Personal Data Subjects have the right:

1.6.1.1 to provide information about what their personal data is processed by the Operator;

1.6.1.2 to access their personal data, including the right to obtain a copy of any record containing their personal data, except as required by federal law;

1.6.1.3 to clarify their personal data, their blocking or destruction in cases where personal data is incomplete, outdated, inaccurate, illegally obtained or not necessary for the stated purpose of processing;

1.6.1.4 to withdraw consent to the processing of personal data;

1.6.1.5 to take statutory measures to protect their rights;

1.6.1.6 to exercise other rights provided for by the legislation of the Russian Federation.

1.6.2 Personal Data Subjects are obliged:

1.6.2.1 provide the Operator with only reliable and up-to-date information about yourself;

1.6.2.2 provide documents containing personal data to the extent necessary for the purpose of processing;

1.6.2.3 notify the Operator about the clarification (update, change) of their personal data.

1.7 Persons who have provided the Operator with false or irrelevant information about themselves, or information about another Personal Data Subject without the consent of the latter or without proper certification of representative powers, bear all legal risks in accordance with the legislation of the Russian Federation, including civil, disciplinary, administrative and criminal a responsibility

1.8 Visiting the site advparitet.com means the consent of the visitor to the site advparitet.com that the Operator will have the right to collect and process the personal data of the site visitor under the terms of this Policy.

2. VOLUME AND CATEGORIES OF PROCESSED PERSONAL DATA, CATEGORIES OF PERSONAL DATA SUBJECTS

2.1 The Operator, in accordance with this Policy, may process the personal data of the following Personal Data Subjects:

2.1.1 current employees of the Operator, former employees of the Operator, candidates for employment, as well as relatives of current and former employees of the Operator, to the extent that this applies to the Operator;

2.1.2 customers and counterparties of the Operator, including consumers and beneficiaries of the services offered by the Operator;

2.1.3 authorized representatives/employees of the Operator’s clients and counterparties;

2.1.4 visitors to the advparitet.com website, including third-party websites that link to the advparitet.com website.

2.2 An exhaustive list of categories of personal data processed by the Operator without additional consent of the personal data subject includes:

2.2.1 surname, name, patronymic or middle name (if any) of the personal data subject;

2.2.2 specialty / field of education and advanced training;

2.2.3 direction of professional interests;

2.2.4 mobile or landline phone number from which the personal data subject communicates;

2.2.5 e-mail address (e-mail) regardless of the mail server;

2.2.6 history of requests and views on the site and its services (for site visitors);

2.2.7 technical connection data (connection speed, software used, IP address).

Any other personal data is processed by the Operator only after the exchange of written consent or expression of will, implying such consent, from the subject of personal data, and a written request from the Operator. For the purposes of this Policy, an electronic form is equated to a written form.

2.3 The Operator ensures that the content and scope of the processed personal data correspond to the stated purposes of processing and, if necessary, takes measures to eliminate their redundancy in relation to the stated purposes of processing.

2.4 The Operator processes biometric personal data subject to the written consent of the relevant subjects of personal data, as well as in other cases provided for by the legislation of the Russian Federation.

2.5 The processing of special categories of personal data relating to race, nationality, political views, religious or philosophical beliefs, intimate life, as well as other information not specified in this Policy, is not subject to processing by the Operator, even if the subject of personal data agrees to this, except as provided by law.

3. PURPOSE OF COLLECTING PERSONAL DATA

3.1 Personal data is processed by the Operator for the following purposes:

3.1.1 conclusion of any contracts with personal data subjects and their further execution;

3.1.2 conducting promotions, surveys, interviews, testing and research on the Sites by the Operator;

3.1.3 providing personal data subjects with the services of the Operator, as well as information on the development by the Operator of new products and services, including advertising;

3.1.4 feedback with the subjects of personal data, including the processing of their requests and appeals, informing about the operation of the Site (Sites);

3.1.5 control and improvement of the quality of services of the Operator, including those offered on the Site (Sites);

3.1.6 conducting personnel work and organizing accounting of the Operator’s employees, regulation of labor and other relations directly related to them;

3.1.7 attraction and selection of candidates for work with the Operator;

3.1.8 formation of statistical reporting;

3.1.9 implementation of economic activity;

3.1.10 implementation of other functions, powers and duties assigned to the Operator by the legislation of the Russian Federation.

4. LEGAL BASIS FOR PROCESSING PERSONAL DATA

4.1 The legal grounds for the processing of personal data by the Operator are:

4.1.1 Constitution of the Russian Federation;

4.1.2 Labor Code of the Russian Federation;

4.1.3 Civil Code of the Russian Federation;

4.1.4 Federal Law dated 27.07.2006 No. 149-ФЗ «On Information, Information Technologies and Information Protection»;

4.1.5 Law of the Russian Federation of 27.12.1991 No. 2124-1 «On the Mass Media»;

4.1.6 Federal Law No. 294-ФЗ dated December 26^th, 2008 “On the Protection of the Rights of Legal Entities and Individual Entrepreneurs in the Exercise of State Control (Supervision) and Municipal Control”;

4.1.7 Decree of the President of the Russian Federation dated March 6, 1997 No. 188 «On approval of the list of confidential information»;

4.1.8 Decree of the Government of the Russian Federation dated July 6, 2008 No. 512 «On approval of requirements for material carriers of biometric personal data and technologies for storing such data outside personal data information systems»;

4.1.9 Decree of the Government of the Russian Federation dated September 15^th, 2008 No. 687 «On approval of the Regulations on the features of the processing of personal data carried out without the use of automation tools»;

4.1.10 Decree of the Government of the Russian Federation dated November 1^st, 2012 No. 1119 «On approval of requirements for the protection of personal data during their processing in personal data information systems»;

4.1.11 Order of Federal Service for Supervision in the Sphere of Telecom, Information Technologies and Mass Communications dated September 5, 2013 No. 996 «On approval of requirements and methods for depersonalization of personal data»;

4.1.12 Order of the Federal Service for Technical and Export Control of Russia dated February 18, 2013 No. 21 «On approval of the composition and content of organizational and technical measures to ensure the security of personal data during their processing in personal data information systems»

4.1.13 statutory documents of the Operator;

4.1.14 contracts concluded between the Operator and subjects of personal data;

4.1.15 consent of personal data subjects to the processing of personal data;

4.1.16 other legal grounds when consent to the processing of personal data is not required by law.

5. PROCEDURE AND CONDITIONS FOR PROCESSING PERSONAL DATA

5.1 The processing of personal data by the Operator is carried out in the following ways:

5.1.1 manual processing of personal data;

5.1.2 automated processing of personal data with or without transmission of the received information via information and telecommunication networks;

5.1.3 mixed processing of personal data.

5.2 The list of actions performed by the Operator with personal data: collection, systematization, accumulation, storage, clarification (updating, changing), use, distribution (including transfer), depersonalization, blocking, destruction, as well as the implementation of any other actions in accordance with the current the legislation of the Russian Federation.

5.3 The processing of personal data is carried out by the Operator subject to obtaining the consent of the subject of personal data (hereinafter referred to as the Consent), except for the cases established by the legislation of the Russian Federation when the processing of personal data can be carried out without such Consent.

5.4 The personal data subject decides to provide his personal data and gives Consent freely, of his own free will and in his own interest.

5.5 Consent is given in any form that allows you to confirm the fact of its receipt. In cases stipulated by the legislation of the Russian Federation, Consent is made in writing.

5.6 The condition for terminating the processing of personal data may be the achievement of the purposes of processing personal data, the expiration of the Consent or the withdrawal of Consent by the subject of personal data, as well as the identification of unlawful processing of personal data.

5.7 Consent may be withdrawn by written notice sent to the Operator by registered mail.

5.8 When processing personal data, the operator takes or ensures that the necessary legal, organizational and technical measures are taken to protect personal data from unauthorized or accidental access to them, destruction, modification, blocking, copying, provision, distribution of personal data, as well as from other illegal actions in relation to personal data.

5.9 The storage of personal data is carried out in a form that allows determining the subject of personal data for a period not longer than required by the purposes of processing personal data, except in cases where the period for storing personal data is established by federal law, an agreement to which a party, beneficiary or guarantor, under which is the subject of personal data.

5.10 When storing personal data, the Operator uses databases and servers located on the territory of the Russian Federation.

6. UPDATING, CORRECTION, DELETION AND DESTRUCTION OF PERSONAL DATA, RESPONSES TO REQUESTS OF PERSONAL DATA SUBJECTS FOR ACCESS TO PERSONAL DATA

6.1 In case of confirmation of the fact of inaccuracy of personal data or the illegality of their processing, personal data shall be updated by the Operator, or their processing shall be terminated accordingly.

6.2 The fact of inaccuracy of personal data or the illegality of their processing can be established either by the subject of personal data or by the competent state bodies of the Russian Federation.

6.3 At the written request of the personal data subject of or his representative, the Operator is obliged to provide information on the processing of personal data of the specified subject carried out by him. The request must contain the number of the main document proving the identity of the subject of personal data and his representative, information about the date of issue of the specified document and the authority that issued it, information confirming the participation of the subject of personal data in relations with the Operator (contract number, date of conclusion of the contract, conditional verbal designation and (or) other information), or information otherwise confirming the fact of processing personal data by the Operator, the signature of the personal data subject or his representative. The request can be sent in the form of an electronic document and signed with an electronic signature in accordance with the legislation of the Russian Federation.

6.4 If the request of the personal data subject does not contain all the necessary information or the subject does not have access rights to the requested information, then a reasoned refusal is sent to him.

6.5 In the manner provided for in clause 6.3, the subject of personal data has the right to demand from the Operator the clarification of his personal data, their blocking or destruction if the personal data is incomplete, outdated, inaccurate, illegally obtained or not necessary for the stated purpose of processing, as well as take legal measures to protect their rights.

6.6 When the purposes of processing personal data are achieved, as well as in the event that the subject of personal data withdraws Consent, personal data is subject to destruction if:

6.6.1 The operator is not entitled to process without the consent of the subject of personal data;

6.6.2 otherwise is not provided by the contract, the party to which, the beneficiary or the guarantor of which is the personal data subject;

6.6.3 otherwise not provided by another contract between the Operator and the subject of personal data.

7. FINAL PROVISIONS

7.1 All relations relating to the processing of personal data that are not reflected in this Policy are regulated in accordance with the provisions of the legislation of the Russian Federation.

7.2 The Operator has the right to make changes to this Policy. When making changes in the current version, the date of the last update is indicated. The new version of the Policy comes into force from the moment it is posted on the Site, unless otherwise provided by the new version of the Policy. The current version is permanently available on the Site at : https://en.advparitet.com/personal-data-processing-policy/