1. General provisions
1.1. Politics changes in relation to all personnel data (subjects), which could be received by the Organization in the process of activity, including of clients of the Organization.
1.2. The purpose of Politics is in giving people the relevant information, which allows to evaluate which personnel data and with which purposes is processed by the Organization, which provisional methods for their safety are realized.
1.3. Politics provides with defense of rights and freedoms of subjects at processing their personnel data with the usage of automatization means or without usage of such means, also it establishes responsibility of persons with access to personnel data for non-fulfillment of demands, which regulate processing and defense of personnel data.
1.4. Clients, using services of the Organization, having informed the Organization about their personnel data, also while intermediation of the third persons, acknowledge their consent to processing personnel data in accordance with the present Politics.
1.5. Consent to processing personnel data could be revoked by the subject of personnel data. In case the consent to processing personnel data is revoked by the subject of personnel data, an operator has the right to proceed processing personnel data without the consent of the subject of personnel data with grounds, mentioned by the legislation in force.
1.7. Present politics could be changed by Organization.
2. Definition and content of personnel data
2.1. With the purpose of the present Politics, personnel data means any information, which is relevant directly or indirectly to a definite physical or legal person (subject of personnel data).
2.2. Depending on the subject of personnel data, the Organization, in order to fulfil its responsibilities, could process its personnel data of the following criteria of subjects: personnel data of employees of the Organization- information, necessary to the Organization in connection with labor relations and regarding one separate employee.
- Data of a Client — information, which is necessary for the Organization for fulfillment of its obligations in the frames of contract relations with the Client and for fulfillment the demands of the legislation of Russian Federation.
- Demands of legislation of Russian Federation.
Personnel data of the Client, filed at registration in website, including while execution Orders by the Client.
3. Grounds and purposes for processing personnel data
3.1. The Organization processes personnel data for fulfillment of its activity, including rendering services to the Client. The Organization has the right:
To fulfil functions, assigned to the Organization by the legislation of Russian Federation in accordance to the Federal Law “About Personnel data” and other laws and normative acts of RF, also by the statute and normative acts of the Organization;
The Organization collects and saves personnel data of the Client, relevant for rendering services, fulfillment of agreements and contracts, fulfillment of obligations before the Client.
3.2. Organization could use personnel data of the Client
with the following purposes:
Identification of the Client
in the frames of contracts;
connection with the Client in case of necessity, including sending offers, notifications, information and requests, both connected and not connected with services rendering, also processing of requests, applications of the Client;
improvement of services’ quality, rendered by the Company.
4. Time limits for processing personnel data
4.1. Time limits for processing personnel data are defined basing on the purposes of processing in informational systems of Organization, in accordance with duration of the Contract, agreement with the subject of personnel data.
5. Scope of persons, allowed to processing personnel data
5.1. In order to achieve purposes of article 3 of Present Politics, only those employees of the Organization are allowed to processing personnel data, who are assigned such obligation in accordance with their working (labor) responsibilities. Access of such employees could be provided only in foreseen by the law cases. Organization demands from its employees complying with confidentiality and provision of safety of personnel data at its processing.
5.2. Organization has the right to pass personnel data to the third parties in the following cases:
Subjects of personnel data has openly showed their consent to such actions; Passing is foreseen by Russian and other applied legislation in the frames of established by legislation procedure. An acquirer gets all responsibilities in complying with terms of the Present Politics in application to the received by them data.
6. Methods of processing personnel data
6.1. In the process of rendering services at executing internal economic activity, the Organization uses automatized and non-automatized processing of personnel data.
7. Realization of personnel data protection
7.1. Activity of the Organization at processing personnel data in informational systems is inextricably connected with protection by the Organization confidentiality of the received information. All employees of the Organization are obliged to provide confidentiality of the received information, also other data, established by the Organization, if it does not contradict current legislation of RF.
7.2. Safety of personnel data at its processing in informational systems of Organization is provided with the help of information protection.
7.3. Exchange of personnel data at its processing in informational systems is executed through channels of communication, protected by technical means of information protection.
7.4. At processing personnel data in informational systems of the Organization the following is provided:
- Conduct of events, oriented on prevention of non-sanctionable access to personnel data and (or) transfer of it to persons without the right to access to such information;
- Well-timed revelation of facts of non-sanctionable access to personnel data;
- Prevention influence on technical means of automized processing personnel data, as the result of which its functioning could be broken;
- Possibility of immediate data reconstruction, modified and damaged as the result of non-sanctionable access to it;
- Constant control of the protection level of personnel data.