1.1 To carry out operations, the Service accepts from the User his personal data, which the Service undertakes to store in an encrypted form, not to make it public, not to transfer to third parties, except for the cases described in clauses 4.4 and clause 5.5 of this agreement.
1.2 All operations with Applications, as well as the transfer of personal data from the User to the Service, are carried out via an encrypted SSL channel with a key length of 256 bits.
1.3 The Service has the right, if necessary, to independently carry out activities to collect additional data about the User by any available means. All information collected as a result of such activities is not made public, is not transferred to third parties, except as described in clauses 4.4 and clause 5.5 of this agreement.
1.4 The Service has the right to transfer the User's personal data and details of the operations performed by him, at the official request of law enforcement agencies, the court, as well as on his own initiative to protect his own rights.
1.5 All collected data about the User, as well as details of the operations performed by him, are stored in the Service database for five years.
2. Basic rights and obligations of the Operator and the Subject of personal data.
2.1 The operator has the right:
receive personal data from subjects of personal data and from third parties (persons who are not subjects of personal data), while the Operator fulfills the obligations stipulated by the Federal Law of July 27, 2006 No. 152-FZ "On Personal Data ";
independently determine the composition and list of measures necessary and sufficient to ensure the fulfillment of obligations stipulated by the Law on Personal Data and regulatory legal acts adopted in accordance with it, unless otherwise provided by the Law on Personal Data or other federal laws;
if the subject of personal data withdraws consent to the processing of personal data, the Operator has the right to continue processing personal data without the consent of the subject of personal data if there are grounds specified in the Law on Personal Data.
2.2 The operator is obliged:
organize the processing of personal data in accordance with the requirements of the Law on Personal Data;
respond to requests and inquiries from subjects of personal data and their legal representatives in accordance with the requirements of the Law on Personal Data.
2.3. The personal data subject has the right:
receive information regarding the processing of his personal data, with the exception of cases provided for by federal laws. The information is provided to the subject of personal data by the Operator in an accessible form, and it should not contain personal data relating to other subjects of personal data, unless there are legal grounds for disclosing such personal data. The list of information and the procedure for obtaining it is established by the Law on Personal Data;
require the operator to clarify his personal data, block or destroy them if the personal data is incomplete, outdated, inaccurate, illegally obtained or is not necessary for the stated purpose of processing;
other rights provided for by Chapter 3 of the Federal Law of July 27, 2006 No. 152-FZ "On Personal Data "
3. Purposes of collecting personal data
3.1 The processing of personal data is limited to the achievement of specific, predetermined and legitimate purposes. Processing of personal data that is incompatible with the purposes of collecting personal data is not allowed.
3.2 Only personal data that meet the purposes of their processing is subject to processing.
3.3 The processing of personal data of site users is carried out solely for the purpose of providing the user with the opportunity to interact with the site.
3.4 Information constituting personal data on the site is any information related to a specific or determined on the basis of such information an individual (subject of personal data).
4. The volume of processed personal data.
4.1. The content and volume of the processed personal data of the website users corresponds to the stated processing objectives provided for in section 3 of this Policy. The processed personal data should not be redundant in relation to the stated purposes of their processing.
4.2. The operator can process the following personal data of users:
- the source of access to the site (sites) and information of the search or advertising request;
- data about the user device (including resolution, version and other attributes characterizing the user device);
- user clicks, page views, filling in fields, showing and viewing banners and videos;
- data characterizing audience segments;
- session parameters;
- data on the time of the visit;
- the user ID stored in the cookie;
- contact phone number;
- E-mail address;
4.3 The operator does not process special categories of personal data related to race, nationality, political views, religious or philosophical beliefs, health status, intimate life, except as provided by the legislation of the Russian Federation.
4.4 The operator does not process biometric personal data.
4.5 The operator does not carry out cross-border transfer of personal data.
5. The procedure and conditions for the processing of personal data.
5.1 The processing of personal data is carried out by the Operator in accordance with the requirements of the legislation of the Russian Federation.
5.2 The processing of personal data is carried out with the consent of the subjects of personal data to the processing of their personal data, as well as without it in the cases provided for by the legislation of the Russian Federation.
5.3 The operator carries out both automated and non-automated processing of personal data.
5.4 The employees of the Operator are allowed to process personal data, whose job responsibilities include the processing of personal data.
5.5 It is not allowed to disclose and provide to third parties and disseminate personal data without the consent of the subject of personal data, unless otherwise provided by federal law.
5.6 The transfer of personal data to the bodies of inquiry and investigation, to the Federal Tax Service, the Pension Fund of the Russian Federation, the Social Insurance Fund and other authorized executive bodies and organizations is carried out in accordance with the requirements of the legislation of the Russian Federation.
5.7 The operator takes the necessary legal, organizational and technical measures to protect personal data from unauthorized or accidental access to them, destruction, alteration, blocking, distribution and other unauthorized actions, including:
- identifies threats to the security of personal data during their processing;
- adopts local regulations and other documents regulating relations in the field of processing and protection of personal data;
- creates the necessary conditions for working with personal data;
- organizes the accounting of documents containing personal data;
- organizes work with information systems in which personal data are processed;
- stores personal data in conditions under which their safety is ensured and unauthorized access to them is excluded.
5.8 The operator stores personal data in a form that makes it possible to determine the subject of personal data, no longer than the purpose of processing personal data requires, if the storage period for personal data is not established by federal law, by an agreement.
5.9 When collecting personal data, including through the information and telecommunications network Internet, the Operator provides recording, systematization, accumulation, storage, clarification (update, change), extraction of personal data of citizens of the Russian Federation using databases located on the territory of the Russian Federation, except for the cases specified in the Personal Data Law.
6. Procedure and terms of storage of personal data.
6.1 The Operator only stores personal data of Users on the Site.
6.2 The storage period for personal data of users begins to run from the moment of giving consent to the processing of personal data obtained by accepting an offer that does not require bilateral signing and is valid in electronic form, and is valid until the user declares his desire to delete his personal data from site.
6.3 In case of deletion of data from the site on the initiative of one of the parties, namely the termination of the use of the site, the user's personal data is stored in the databases of the Operator for five years in accordance with the legislation of the Russian Federation.
6.4 After the expiry of the above storage period for the user's personal data, the user's personal data is deleted automatically by a predetermined algorithm set by the Operator.
6.5 The Operator does not process personal data of Users on paper.
7. Deletion and destruction of personal data
7.1 Upon achievement of the purposes of processing personal data, as well as in the event that the subject of personal data withdraws consent to their processing, personal data are subject to destruction if:
otherwise is not provided for by the contract, the party to which, the beneficiary or the guarantor of which is the subject of personal data;
the operator is not entitled to carry out processing without the consent of the subject of personal data on the grounds provided for by the Law on Personal Data or other federal laws;
otherwise is not provided for by another agreement between the Operator and the subject of personal data.
7.2 The subject of personal data has the right in writing to demand the destruction of his personal data if the personal data is incomplete, outdated, inaccurate, illegally obtained or is not necessary for the stated purpose of processing.
7.3 In the absence of the possibility of destruction of personal data, the Operator blocks such personal data.
7.4 The destruction of personal data is carried out by erasing information using certified software with guaranteed destruction (in accordance with the specified characteristics for the installed software with guaranteed destruction).
8. Final provisions.
8.1 Control over the fulfillment of the requirements of this Policy is carried out by an authorized person responsible for organizing the processing of personal data at the Operator.
8.2 Responsibility for violation of the requirements of the legislation of the Russian Federation and regulations in the field of processing and protection of personal data is determined in accordance with the legislation of the Russian Federation.
8.3 In the event of a change in the current legislation of the Russian Federation, amendments to the regulatory documents on the protection of personal data, this Policy is valid in the part that does not contradict the current legislation until it is brought in line with such.
8.4 The terms of the Policy are established, changed and canceled by the Operator unilaterally without prior notice to the User. From the moment the new version of the Policy is posted on the website, the previous version is considered invalid. In the event of a significant change in the terms of the Policy, the Operator notifies users of this by posting a corresponding message on the website.
8.5 In accordance with article 435 of the Civil Code of the Russian Federation, this document is recognized as an offer.
In accordance with Article 438 of the Civil Code of the Russian Federation, unconditional acceptance (acceptance) of the terms of this policy is the fact that the user submits an application on the bixter.org website and consents to the processing of his personal data.
Consent to the processing of personal data obtained by accepting this offer does not require bilateral signing and is indeed in electronic form.
8.6 If the User does not agree with the terms of this Policy, then he must immediately delete his profile from the site or notify the Operator of his disagreement, otherwise the continued use of the site by the user means that the user agrees with the terms of this Policy