PERSONAL DATA PROCESSING POLICY
This Personal Data Processing Policy (hereinafter - the Policy) has been prepared in compliance with para. 2, Art. 18.1 of Federal Law of the Russian Federation No. 152-FZ dated 27 July 2006 “On Personal Data”. The Policy applies to all personal data (hereinafter - the Data), which JSC Unicon Business Service (hereinafter - the Company) may receive from its employees or other personal data owners while providing services, and/or when users apply to the Company at the official electronic resources to which the Company's website (www.ubpo.ru) belongs.
The Policy covers the Data received both prior to and after signing hereof.
The Company is listed in the register of data controllers under number 09-0043043 by virtue of Order No. 97-od of the Federal Service for Supervision of Communications, Information Technology, and Mass Media dated 16 April 2013.
2. Data Processed by the Company
For the purposes hereof, the Data shall be understood as follows:
- The Company employees data;
- The Company clients data; and
- The users data received through the Company’s official electronic resources.
The Data storage duration is determined by the employment contract, understandings between the parties, and requirements of the applicable laws.
3. Purpose of Data Collection and Processing
The Company collects and stores the Data of the personal data owners necessary to comply with the applicable laws of the Russian Federation and contractual terms and conditions, as well as to determine the users’ demand for the Company's services, prepare commercial offers, conduct marketing activities, and collect statistical data on the user behavior at the Company’s electronic resources.
4. Conditions for Data Processing and Transfer Thereof to Third Parties
4.1. For each category of personal data, the Company has identified and approved specific processing purposes. Processing of personal data that is incompatible with the approved purposes is not allowed.
4.2. The Company may transfer the Data of the personal data owners to third parties as provided for by the applicable laws of the Russian Federation, as well as to government services and the Company’s affiliates and partners, in order to provide the Company’s services to the personal data owners in compliance with the contractual terms and conditions.
4.3. The Company processes the Data of the personal data owners in compliance with Federal Law of the Russian Federation No. 152-FZ dated 27 July 2006 “On Personal Data” and this Policy.
5. Data Processing
The Company may collect, record, classify, accumulate, store, clarify (update, change), extract, use, transfer (distribute, provide, access) depersonalise, block, delete and destroy the Data of a personal data owner in accordance with the applicable laws of the Russian Federation.
6. Data Protection
6.1. The Company takes all necessary and sufficient measures to protect the Data from unauthorized or accidental access, destruction, modification, blocking, copying, distribution, and any other illegal actions by third parties.
6.2. In order to protect the Data transmitted via insecure Internet communication channels, the Company employs secure Virtual Private Networks (VPN) and certified encryption systems (cryptographic protection facilities).
7. Policy Amendment. Applicable Law
The Company shall be entitled amend this Policy. The title of the amended Policy shall contain the date of the last revision. The new version of the Policy shall come into effect from the moment it is posted at the Company's website, unless otherwise provided for by the new version of the Policy.