Privacy Policy

1. General provisions

This personal data processing policy is compiled in accordance with the requirements of Federal Law No. 152-FZ dated July 27, 2006 "On Personal Data" (hereinafter referred to as the Personal Data Law) and defines the procedure for processing personal data and measures to ensure the security of personal data taken by Individual Entrepreneur Kutsavalov Konstantin Dmitrievich (hereinafter referred to as the Operator).
1.1. The Operator sets as its most important goal and condition for carrying out its activities the observance of human and civil rights and freedoms when processing his personal data, including protection of the right to privacy, personal and family secrets.
1.2. This Operator's policy regarding personal data processing (hereinafter referred to as the Policy) applies to all information that the Operator may obtain about website visitors https://koyutech.ru.

2. Main concepts used in the Policy

2.1. Automated personal data processing — processing of personal data using computing equipment.
2.2. Personal data blocking — temporary suspension of personal data processing (except cases where processing is necessary to clarify personal data).
2.3. Website — a combination of graphic and information materials, as well as computer programs and databases that ensure their availability on the Internet at the network address https://koyutech.ru.
2.4. Personal data information system — a combination of personal data contained in databases and information technologies and technical means that ensure their processing.
2.5. Personal data anonymization — actions as a result of which it is impossible to determine without using additional information the affiliation of personal data to a particular User or other personal data subject.
2.6. Personal data processing — any action (operation) or combination of actions (operations) performed using automation means or without using such means with personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, changing), extraction, use, transfer (distribution, provision, access), anonymization, blocking, deletion, destruction of personal data.
2.7. Operator — government agency, municipal agency, legal entity or individual, acting independently or jointly with other persons organizing and/or carrying out personal data processing, as well as determining the purposes of personal data processing, the composition of personal data to be processed, actions (operations) performed with personal data.
2.8. Personal data — any information relating directly or indirectly to a specific or determinable User of the website https://koyutech.ru.
2.9. Personal data permitted by the personal data subject for distribution — personal data for which unlimited access by a circle of persons is provided by the personal data subject by giving consent to the processing of personal data permitted by the personal data subject for distribution in the manner provided for by the Personal Data Law (hereinafter — personal data permitted for distribution).
2.10. User — any visitor to the website https://koyutech.ru.
2.11. Personal data provision — actions aimed at disclosing personal data to a specific person or a specific circle of persons.
2.12. Personal data distribution — any actions aimed at disclosing personal data to an indefinite circle of persons (transfer of personal data) or familiarizing an unlimited circle of persons with personal data, including publication of personal data in mass media, placement in information and telecommunications networks or providing access to personal data in any other way.
2.13. Cross-border transfer of personal data — transfer of personal data to the territory of a foreign state to the authority of a foreign state, to a foreign individual or foreign legal entity.
2.14. Destruction of personal data — any actions as a result of which personal data are irreversibly destroyed with impossibility of further recovery of personal data content in the personal data information system and/or physical carriers of personal data are destroyed.

3. Main rights and obligations of the Operator

3.1. The Operator has the right:

• — получать от субъекта персональных данных достоверные информацию и/или документы, содержащие персональные данные;
• — в случае отзыва субъектом персональных данных согласия на обработку персональных данных, а также, направления обращения с требованием о прекращении обработки персональных данных, Оператор вправе продолжить обработку персональных данных без согласия субъекта персональных данных при наличии оснований, указанных в Законе о персональных данных;
• — самостоятельно определять состав и перечень мер, необходимых и достаточных для обеспечения выполнения обязанностей, предусмотренных Законом о персональных данных и принятыми в соответствии с ним нормативными правовыми актами, если иное не предусмотрено Законом о персональных данных или другими федеральными законами.

3.2. The Operator is obliged:

• — предоставлять субъекту персональных данных по его просьбе информацию, касающуюся обработки его персональных данных;
• — организовывать обработку персональных данных в порядке, установленном действующим законодательством РФ;
• — отвечать на обращения и запросы субъектов персональных данных и их законных представителей в соответствии с требованиями Закона о персональных данных;
• — сообщать в уполномоченный орган по защите прав субъектов персональных данных по запросу этого органа необходимую информацию в течение 30 дней с даты получения такого запроса;
• — публиковать или иным образом обеспечивать неограниченный доступ к настоящей Политике в отношении обработки персональных данных;
• — принимать правовые, организационные и технические меры для защиты персональных данных от неправомерного или случайного доступа к ним, уничтожения, изменения, блокирования, копирования, предоставления, распространения персональных данных, а также от иных неправомерных действий в отношении персональных данных;
• — прекратить передачу (распространение, предоставление, доступ) персональных данных, прекратить обработку и уничтожить персональные данные в порядке и случаях, предусмотренных Законом о персональных данных;
• — исполнять иные обязанности, предусмотренные Законом о персональных данных.

4. Main rights and obligations of personal data subjects

4.1. Personal data subjects have the right:

• — получать информацию, касающуюся обработки его персональных данных, за исключением случаев, предусмотренных федеральными законами. Сведения предоставляются субъекту персональных данных Оператором в доступной форме, и в них не должны содержаться персональные данные, относящиеся к другим субъектам персональных данных, за исключением случаев, когда имеются законные основания для раскрытия таких персональных данных. Перечень информации и порядок ее получения установлен Законом о персональных данных;
• — требовать от оператора уточнения его персональных данных, их блокирования или уничтожения в случае, если персональные данные являются неполными, устаревшими, неточными, незаконно полученными или не являются необходимыми для заявленной цели обработки, а также принимать предусмотренные законом меры по защите своих прав;
• — выдвигать условие предварительного согласия при обработке персональных данных в целях продвижения на рынке товаров, работ и услуг;
• — на отзыв согласия на обработку персональных данных, а также, на направление требования о прекращении обработки персональных данных;
• — обжаловать в уполномоченный орган по защите прав субъектов персональных данных или в судебном порядке неправомерные действия или бездействие Оператора при обработке его персональных данных;
• — на осуществление иных прав, предусмотренных законодательством РФ.

4.2. Personal data subjects are obliged:

• — предоставлять Оператору достоверные данные о себе;
• — сообщать Оператору об уточнении (обновлении, изменении) своих персональных данных.

4.3. Persons who provided the Operator with false information about themselves, or information about another personal data subject without the latter's consent, bear responsibility in accordance with the legislation of the Russian Federation.

5. Principles of personal data processing

5.1. Personal data processing is carried out on a legal and fair basis.
5.2. Personal data processing is limited to achieving specific, predetermined and legitimate purposes. Processing of personal data incompatible with the purposes of collecting personal data is not allowed.
5.3. Combining databases containing personal data whose processing is carried out for incompatible purposes is not allowed.
5.4. Only personal data that meets the purposes of their processing are subject to processing.
5.5. The content and volume of processed personal data correspond to the stated purposes of processing. Excessiveness of processed personal data in relation to the stated purposes of their processing is not allowed.
5.6. When processing personal data, the accuracy of personal data, their sufficiency, and if necessary, relevance in relation to the purposes of personal data processing are ensured. The Operator takes necessary measures and/or ensures their adoption for deleting or clarifying incomplete or inaccurate data.
5.7. Personal data storage is carried out in a form that allows identifying the personal data subject, no longer than required by the purposes of personal data processing, if the personal data retention period is not established by federal law, contract, party to which, beneficiary or guarantor is a personal data subject. Processed personal data are destroyed or anonymized upon achievement of processing purposes or in case of loss of necessity to achieve these purposes, unless otherwise provided by federal law.

6. Purposes of personal data processing

7. Conditions for personal data processing

7.1. Personal data processing is carried out with the consent of the personal data subject to process his personal data.
7.2. Personal data processing is necessary to achieve purposes provided for by an international treaty of the Russian Federation or by law, to carry out functions, powers and duties imposed on the operator by the legislation of the Russian Federation.
7.3. Personal data processing is necessary for administration of justice, enforcement of court decisions, acts of other bodies or officials subject to enforcement in accordance with the legislation of the Russian Federation on enforcement proceedings.
7.4. Personal data processing is necessary for the performance of a contract, the party to which, beneficiary or guarantor of which is a personal data subject, as well as for concluding a contract at the initiative of a personal data subject or a contract under which a personal data subject will be a beneficiary or guarantor.
7.5. Personal data processing is necessary for the implementation of rights and legitimate interests of the operator or third parties or for achieving socially significant purposes provided that this does not violate the rights and freedoms of the personal data subject.
7.6. Processing of personal data is carried out, access to which by an unlimited circle of persons is provided by the personal data subject or at his request (hereinafter — publicly accessible personal data).
7.7. Processing of personal data subject to publication or mandatory disclosure in accordance with federal law is carried out.

8. Procedure for collection, storage, transfer and other types of personal data processing

Security of personal data processed by the Operator is ensured by implementing legal, organizational and technical measures necessary for full compliance with the requirements of current legislation in the field of personal data protection.
8.1. The Operator ensures the preservation of personal data and takes all possible measures to exclude access to personal data by unauthorized persons.
8.2. User's personal data will never, under any circumstances, be transferred to third parties, except for cases related to the implementation of current legislation or in case the personal data subject has given consent to the Operator to transfer data to a third party for the performance of obligations under a civil law contract.
8.3. In case of detection of inaccuracies in personal data, the User can update them independently by sending the Operator a notification to the Operator's email address contact@koyu.tech marked "Updating personal data".
8.4. The term of personal data processing is determined by achieving the purposes for which personal data were collected, if another term is not provided for by the contract or current legislation. The User can at any time revoke his consent to personal data processing by sending the Operator a notification by electronic mail to the Operator's email address contact@koyu.tech marked "Revocation of consent to personal data processing".
8.5. All information collected by third-party services, including payment systems, communication means and other service providers, is stored and processed by the said persons (Operators) in accordance with their User Agreement and Privacy Policy. The personal data subject and/or with the said documents. The Operator is not liable for the actions of third parties, including the service providers mentioned in this paragraph.
8.6. Restrictions established by the personal data subject on the transfer (except for providing access), as well as on the processing or conditions of processing (except for obtaining access) of personal data permitted for distribution, do not apply in cases of personal data processing in state, public and other public interests defined by the legislation of the Russian Federation.
8.8. The Operator stores personal data in a form that allows identifying the personal data subject, no longer than required by the purposes of personal data processing, if the personal data retention period is not established by federal law, contract, party to which, beneficiary or guarantor of which is a personal data subject.
8.7. The Operator ensures the confidentiality of personal data when processing personal data.
8.9. The grounds for termination of personal data processing may be achievement of personal data processing purposes, expiration of the consent period of the personal data subject, revocation of consent by the personal data subject or a requirement to terminate personal data processing, as well as detection of improper personal data processing.

9. List of actions performed by the Operator with received personal data

9.1. The Operator carries out collection, recording, systematization, accumulation, storage, clarification (updating, changing), extraction, use, transfer (distribution, provision, access), anonymization, blocking, deletion and destruction of personal data.
9.2. The Operator carries out automated processing of personal data with receiving and/or transmitting received information through information and telecommunications networks or without such.

10. Cross-border transfer of personal data

10.1. The Operator before beginning activities on cross-border transfer of personal data must notify the authorized body for protecting personal data subjects' rights of its intention to carry out cross-border transfer of personal data (such notification is sent separately from the notification of intention to process personal data).
10.2. The Operator before submitting the above notification must obtain from the authorities of a foreign state, foreign individuals, foreign legal entities to which cross-border transfer of personal data is planned, the relevant information.

11. Confidentiality of personal data

The Operator and other persons who have gained access to personal data are obliged not to disclose to third parties and not to distribute personal data without the consent of the personal data subject, unless otherwise provided by federal law.

12. Final provisions

12.1. The User can obtain any clarifications on interested questions regarding the processing of his personal data by contacting the Operator via email contact@koyu.tech.
12.2. Any changes to the Operator's personal data processing policy will be reflected in this document. The Policy is effective indefinitely until replaced by a new version.
12.3. The current version of the Policy is freely available on the Internet at the address https://koyutech.ru/privacy