Policy on personal data processing
1. General Provisions
This personal data processing policy is prepared in accordance with the requirements of the Federal Law of July 27, 2006, No. 152-FZ “On Personal Data” (hereinafter referred to as the Personal Data Law) and defines the procedure for processing personal data and measures to ensure the security of personal data taken by Maksimov Denis Stanislavovich (hereinafter referred to as the Operator).
1.1. The Operator's primary objective and condition for carrying out its activities is the protection of human and civil rights and freedoms during the processing of their personal data, including the protection of privacy, personal, and family secrets.
1.2. This Operator’s Policy regarding the processing of personal data (hereinafter referred to as the Policy) applies to all information that the Operator may receive about visitors to the website https://ola.exchange.
2. Key Terms Used in the Policy
2.1. Automated processing of personal data – processing of personal data using computing equipment.
2.2. Blocking of personal data – temporary suspension of personal data processing (except in cases where processing is necessary to clarify personal data).
2.3. Website – a collection of graphic and informational materials, as well as computer programs and databases, ensuring their availability on the internet at the network address https://ola.exchange.
2.4. Information system of personal data – a set of personal data contained in databases and information technologies and technical tools that process them.
2.5. Depersonalization of personal data – actions that make it impossible to determine the association of personal data with a specific User or another personal data subject without the use of additional information.
2.6. Processing of personal data – any action (operation) or set of actions (operations) performed with personal data using or without the use of automation tools, including collection, recording, systematization, accumulation, storage, clarification (updating, modification), retrieval, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, and destruction of personal data.
2.7. Operator – a state body, municipal body, legal or individual entity that organizes and (or) performs personal data processing independently or jointly with others, as well as determines the purposes of personal data processing, the composition of personal data subject to processing, and actions (operations) performed with personal data.
2.8. Personal data – any information directly or indirectly related to a specific or identifiable User of the website https://ola.exchange.
2.9. Personal data allowed for dissemination – personal data, access to which is provided to an unlimited number of people by the personal data subject through consent to the processing of such data in accordance with the Personal Data Law.
2.10. User – any visitor of the website https://ola.exchange.
2.11. Provision of personal data – actions aimed at disclosing personal data to a specific person or a specific group of persons.
2.12. Dissemination of personal data – actions aimed at disclosing personal data to an indefinite group of people or making personal data publicly available, including disclosure through the media, posting on information and telecommunication networks, or granting access to personal data in any other way.
2.13. Cross-border transfer of personal data – transfer of personal data to the territory of a foreign state, a foreign authority, a foreign individual, or foreign legal entity.
2.14. Destruction of personal data – actions that result in the irreversible destruction of personal data without the possibility of recovery in the personal data information system and/or the destruction of physical carriers of personal data.
3. Key Rights and Obligations of the Operator
3.1. The Operator has the right to:
– Receive reliable information and/or documents containing personal data from the personal data subject;
– Continue processing personal data without the consent of the subject if there are legal grounds provided for in the Personal Data Law;
– Independently determine the scope and list of measures necessary for fulfilling obligations under the Personal Data Law unless otherwise specified by the Personal Data Law or other federal laws.
3.2. The Operator is obligated to:
– Provide the personal data subject, upon request, with information regarding the processing of their personal data;
– Organize personal data processing in compliance with applicable Russian legislation;
– Respond to inquiries and requests from personal data subjects and their legal representatives in accordance with the Personal Data Law;
– Notify the authorized body for the protection of personal data subjects’ rights about requested information within 30 days from the date of receipt of the request;
– Publish or otherwise ensure unrestricted access to this Policy regarding the processing of personal data;
– Take legal, organizational, and technical measures to protect personal data from unauthorized or accidental access, destruction, alteration, blocking, copying, provision, distribution, as well as from other illegal actions;
– Stop the transmission, processing, or destruction of personal data as stipulated by the Personal Data Law;
– Fulfill other obligations provided for by the Personal Data Law.
This personal data processing policy is prepared in accordance with the requirements of the Federal Law of July 27, 2006, No. 152-FZ “On Personal Data” (hereinafter referred to as the Personal Data Law) and defines the procedure for processing personal data and measures to ensure the security of personal data taken by Maksimov Denis Stanislavovich (hereinafter referred to as the Operator).
1.1. The Operator's primary objective and condition for carrying out its activities is the protection of human and civil rights and freedoms during the processing of their personal data, including the protection of privacy, personal, and family secrets.
1.2. This Operator’s Policy regarding the processing of personal data (hereinafter referred to as the Policy) applies to all information that the Operator may receive about visitors to the website https://ola.exchange.
2. Key Terms Used in the Policy
2.1. Automated processing of personal data – processing of personal data using computing equipment.
2.2. Blocking of personal data – temporary suspension of personal data processing (except in cases where processing is necessary to clarify personal data).
2.3. Website – a collection of graphic and informational materials, as well as computer programs and databases, ensuring their availability on the internet at the network address https://ola.exchange.
2.4. Information system of personal data – a set of personal data contained in databases and information technologies and technical tools that process them.
2.5. Depersonalization of personal data – actions that make it impossible to determine the association of personal data with a specific User or another personal data subject without the use of additional information.
2.6. Processing of personal data – any action (operation) or set of actions (operations) performed with personal data using or without the use of automation tools, including collection, recording, systematization, accumulation, storage, clarification (updating, modification), retrieval, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, and destruction of personal data.
2.7. Operator – a state body, municipal body, legal or individual entity that organizes and (or) performs personal data processing independently or jointly with others, as well as determines the purposes of personal data processing, the composition of personal data subject to processing, and actions (operations) performed with personal data.
2.8. Personal data – any information directly or indirectly related to a specific or identifiable User of the website https://ola.exchange.
2.9. Personal data allowed for dissemination – personal data, access to which is provided to an unlimited number of people by the personal data subject through consent to the processing of such data in accordance with the Personal Data Law.
2.10. User – any visitor of the website https://ola.exchange.
2.11. Provision of personal data – actions aimed at disclosing personal data to a specific person or a specific group of persons.
2.12. Dissemination of personal data – actions aimed at disclosing personal data to an indefinite group of people or making personal data publicly available, including disclosure through the media, posting on information and telecommunication networks, or granting access to personal data in any other way.
2.13. Cross-border transfer of personal data – transfer of personal data to the territory of a foreign state, a foreign authority, a foreign individual, or foreign legal entity.
2.14. Destruction of personal data – actions that result in the irreversible destruction of personal data without the possibility of recovery in the personal data information system and/or the destruction of physical carriers of personal data.
3. Key Rights and Obligations of the Operator
3.1. The Operator has the right to:
– Receive reliable information and/or documents containing personal data from the personal data subject;
– Continue processing personal data without the consent of the subject if there are legal grounds provided for in the Personal Data Law;
– Independently determine the scope and list of measures necessary for fulfilling obligations under the Personal Data Law unless otherwise specified by the Personal Data Law or other federal laws.
3.2. The Operator is obligated to:
– Provide the personal data subject, upon request, with information regarding the processing of their personal data;
– Organize personal data processing in compliance with applicable Russian legislation;
– Respond to inquiries and requests from personal data subjects and their legal representatives in accordance with the Personal Data Law;
– Notify the authorized body for the protection of personal data subjects’ rights about requested information within 30 days from the date of receipt of the request;
– Publish or otherwise ensure unrestricted access to this Policy regarding the processing of personal data;
– Take legal, organizational, and technical measures to protect personal data from unauthorized or accidental access, destruction, alteration, blocking, copying, provision, distribution, as well as from other illegal actions;
– Stop the transmission, processing, or destruction of personal data as stipulated by the Personal Data Law;
– Fulfill other obligations provided for by the Personal Data Law.