Revision 3.0 dated October 20, 2023
POLICY REGARDING THE PROCESSING OF PERSONAL DATA
This policy of personal data processing is drawn up in accordance with the requirements of the Federal Law dated 27.07.2006. No. 152-FZ "On Personal Data" and determines the order of personal data processing and measures to ensure the security of personal data Restaurant Complex "D.O.M." (hereinafter - the Operator).
The Operator sets as its most important goal and condition of its activity the observance of human and citizen's rights and freedoms during the processing of personal data, including the protection of the rights to privacy, personal and family secrecy.
This Operator's policy on personal data processing (hereinafter referred to as the Policy) applies to all information that the Operator may obtain about the visitors of the website https://www.dom-restaurant.ru.
2. BASIC CONCEPTS USED IN THE POLICY
Automated processing of personal data - processing of personal data by means of computing equipment;
Blocking of personal data - temporary cessation of personal data processing (except for cases when processing is necessary to clarify personal data);
Website - a set of graphic and informational materials, as well as computer programs and databases, ensuring their availability on the Internet at the network address https://www.dom-restaurant.ru ;Personal data information system - a set of personal data contained in databases and information technologies and technical means ensuring their processing;
Personal data depersonalization - actions, as a result of which it is impossible to determine without using additional information whether personal data belong to a particular User or other subject of personal data;Processing of personal data - any action (operation) or set of actions (operations) performed with or without the use of automation means with personal data, including collection, recording, systematization, accumulation, storage, clarification (update, change), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction of personal data;
Automated processing of personal data - processing of personal data by means of computer equipment;
Operator - a state authority, municipal authority, legal entity or individual, independently or jointly with other persons organizing and (or) carrying out processing of personal data, as well as determining the purposes of personal data processing, composition of personal data subject to processing, actions (operations) performed with personal data;
Personal Data - any information relating directly or indirectly to a certain or defined User of the website https://www.dom-restaurant.ru;
User - any visitor of the website https://www.dom-restaurant.ru;
Provision of personal data - actions aimed at disclosure of personal data to a certain person or a certain circle of persons;
Dissemination of personal data - any actions aimed at disclosure of personal data to an indefinite number of persons (transfer of personal data) or at familiarization with personal data of an unlimited number of persons, including disclosure of personal data in mass media, placement in information and telecommunication networks or providing access to personal data in any other way;
Trans-border transfer of personal data - transfer of personal data to the territory of a foreign country to a foreign government authority, a foreign individual or a foreign legal entity;
Destruction of personal data - any actions, as a result of which personal data are irretrievably destroyed with the impossibility of further recovery of the content of personal data in the personal data information system and (or) as a result of which material carriers of personal data are destroyed.
"Cookies" - a small piece of data sent by a web server and stored on the user's computer, which a web client or web browser sends to the web server in an HTTP request each time it tries to open a page of the relevant website.
3. THE OPERATOR MAY PROCESS THE FOLLOWING PERSONAL DATA OF THE USER
Surname, first name, patronymic;
Year, month, date and place of birth;
The site also collects and processes anonymized visitor data (including cookies) using Internet statistics services (Yandex Metric, Google Analytics and others).
The aforementioned data are hereinafter in the text of the Policy united by the general term Personal Data.
The Operator does not process special categories of personal data concerning race, nationality, political views, religious or philosophical beliefs, intimate life.
Processing of personal data authorized for dissemination from among the special categories of personal data specified in Article 10.1 of the Personal Data Law is allowed if the prohibitions and conditions stipulated in Article 10.1 of the Personal Data Law are complied with.
4. PURPOSES OF PERSONAL DATA PROCESSING
The purpose of processing the User's personal data is to inform the User by sending e-mails; to provide the User with access to services, information and/or materials contained on the website.
Also, the Operator has the right to send the User notifications about new products and services, special offers and various events.
The User can always refuse to receive informational messages by sending a letter to the Operator to the e-mail address firstname.lastname@example.org with the note "Refusal of notifications about new products and services and special offers".
The anonymized data of Users collected through Internet statistics services are used to collect information about Users' actions on the website, to improve the quality of the website and its content.
5. LEGAL GROUNDS FOR PERSONAL DATA PROCESSING
Processing of personal data is carried out on a lawful and fair basis.
Processing of personal data is carried out with the consent of the personal data subject to the processing of his/her personal data.
The processing of personal data is limited to the achievement of specific, predetermined and legitimate purposes. Processing of personal data incompatible with the purposes of personal data collection is not allowed.
Processing of personal data is necessary to achieve the purposes provided for by the international treaty of the Russian Federation or by law, to fulfill the functions, powers and duties assigned to the operator by the legislation of the Russian Federation.
Only personal data that meet the purposes of their processing are subject to processing.
The content and scope of processed personal data correspond to the stated purposes of processing. Redundancy of processed personal data in relation to the stated purposes of their processing is not allowed.
The Operator processes the User's personal data only if it is filled in and/or sent by the User through special forms located on the website https://www.dom-restaurant.ru.
By filling in the relevant forms and/or sending his/her personal data to the Operator, the User expresses his/her consent to this Policy.
6. PROCEDURE AND CONDITIONS OF PERSONAL DATA PROCESSING
The Operator shall collect, record, systematize, accumulate, store, clarify (update, change), extract, use, transfer (disseminate, provide, access), depersonalize, block, delete and destroy personal data.
The Operator carries out automated processing of personal data with or without receiving and/or transmitting the received information via information and telecommunication networks.
The security of personal data processed by the Operator is ensured through the implementation of legal, organizational and technical measures necessary for full compliance with the requirements of the current legislation in the field of personal data protection.
of the applicable legislation in the field of personal data protection.
The Operator ensures the safety of personal data and takes all possible measures to exclude access to personal data by unauthorized persons.
The User's personal data will never, under no circumstances, be transferred to third parties, except for cases related to the execution of the current legislation.
In case of identification of inaccuracies in personal data, the User may update them independently by sending a notice to the Operator to the Operator's e-mail address email@example.com with the note "Personal Data Update".
The period of personal data processing is limited and is determined by the achievement of the purposes for which the personal data were collected, unless another period is provided for by the contract or applicable law.
The period of storage of personal data in a form that allows to identify the subject of personal data is not longer than required by the purposes of personal data processing, unless the period of storage of personal data is established by federal law, contract, a party to which, beneficiary or guarantor of which is the subject of personal data. If the user of the website https://www.dom-restaurant.ru has given consent to the processing and use of personal data, their destruction will be carried out within 1 month after the purpose has been achieved. According to the requirement regulated by Article 21 of the Federal Law No. 152.
The condition for termination of personal data processing may be the achievement of the purposes of personal data processing, expiration of the personal data subject's consent or withdrawal of consent by the personal data subject, as well as detection of unlawful processing of personal data.
The User may withdraw his/her consent to the processing of personal data at any time by sending a notice to the Operator by e-mail to the Operator's e-mail address firstname.lastname@example.org with the note "Withdrawal of consent to the processing of personal data". If the Operator receives a request to terminate the processing of personal data, the term for termination of personal data processing is 10 calendar days.
7. TRANS-BORDER TRANSFER OF PERSONAL DATA
Before commencing the trans-border transfer of personal data, the Operator is obliged to ensure that the foreign state, to the territory of which the transfer of personal data is to be carried out, provides reliable protection of the rights of personal data subjects.
Trans-border transfer of personal data to the territory of foreign states that do not meet the above requirements may be carried out only in case of written consent of the personal data subject to the trans-border transfer of his/her personal data and/or fulfillment of an agreement to which the personal data subject is a party.
8. DESTRUCTION OF PERSONAL DATA
The Operator is obliged to destroy the subject's personal data (ensure its destruction):
When the personal data subject (or his/her representative) submits information confirming that his/her personal information is illegally obtained or is not necessary for the stated purpose of processing - within 7 working days from the date of submission of such information (part 1 of Article 14, part 3 of Article 20 of Law No. 152-FZ);
Upon detection of unlawful processing of personal information, if it is impossible to ensure its legality - within 10 working days from the date of detection of unlawful processing (part 3 of Article 21 of the Law no. 152-FZ);
If the purpose of personal data processing is achieved - within 30 days from the date of achieving the purpose of processing (part 4 of Article 21 of Law No. 152-FZ);
When a citizen revokes his/her consent to the processing of his/her personal data, if their preservation is no longer required for the purposes of personal data processing - within 30 days from the date of receipt of the revocation (part 5 of Article 21 of Law No. 152-FZ).
The documents confirming the destruction of personal data that were processed using means of automation are:
Act on destruction of personal data on electronic media;
Download from the event log in the personal data information system.
The log upload must contain:
- surname, first name, patronymic (if any) of the subject or other information related to a certain individual whose personal data were destroyed;
- the list of categories of destroyed personal data of the subject (subjects) of personal data;
- the name of the personal data information system from which the personal data of the subject (subjects) of personal data were destroyed;
-the reason of personal data destruction;
- the date of destruction of personal data of the personal data subject(s).
If unloading from the journal does not allow specifying individual information, the missing information shall be entered in the act on destruction of personal data on electronic media.
9. FINAL PROVISIONS
The User may obtain any clarifications on issues of interest regarding the processing of his/her personal data by contacting the Operator via e-mail at email@example.com.
This document will reflect any changes to the Operator's personal data processing policy. The Policy is valid indefinitely until it is replaced by a new version.
The current version of the Policy is freely available on the Internet at https://www.dom-restaurant.ru/private-police.
If you continue to use the site, you automatically agree to this Policy.
|Agree and go to the main page