1. General Provisions
This Personal Data Processing Policy has been prepared in accordance with the requirements of Federal Law No. 152-FZ dated 27.07.2006 “On Personal Data” (hereinafter referred to as the Personal Data Law) and defines the procedure for processing personal data and measures taken by LLC “Industrial Engineering” (hereinafter referred to as the Operator) to ensure the security of personal data.
1.1. The Operator considers as its most important goal and condition of its activity the observance of human and civil rights and freedoms when processing personal data, including the protection of the right to privacy, personal and family confidentiality.
1.2. This Operator’s Personal Data Processing Policy (hereinafter referred to as the Policy) applies to all information that the Operator may obtain about visitors of the website https://www.prom-e.su.
2. Key Terms Used in the Policy
2.1. Automated processing of personal data — processing of personal data using computing equipment.
2.2. Blocking of personal data — temporary suspension of personal data processing (except where processing is required to clarify personal data).
2.3. Website — a set of graphic and informational materials, as well as software and databases ensuring their availability on the Internet at https://www.prom-e.su.
2.4. Personal data information system — a set of personal data contained in databases and information technologies and technical means ensuring their processing.
2.5. Depersonalization of personal data — actions resulting in the impossibility of identifying a specific User or personal data subject without additional information.
2.6. Processing of personal data — any action (operation) or set of actions performed with or without automation tools, including collection, recording, systematization, accumulation, storage, clarification (update, change), retrieval, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, and destruction of personal data.
2.7. Operator — a state or municipal authority, legal entity, or individual who independently or jointly organizes and/or processes personal data, determines the purposes of processing, the composition of personal data, and actions performed with them.
2.8. Personal data — any information relating directly or indirectly to an identified or identifiable User of https://www.prom-e.su.
2.9. Personal data authorized for distribution — personal data made accessible to an unlimited number of persons by the data subject through consent in accordance with the Personal Data Law.
2.10. User — any visitor of https://www.prom-e.su.
2.11. Provision of personal data — actions aimed at disclosing personal data to a specific person or group of persons.
2.12. Distribution of personal data — any actions aimed at disclosing personal data to an indefinite number of persons, including publication in information and telecommunication networks.
2.13. Cross-border transfer of personal data — transfer of personal data to a foreign state authority, foreign individual, or legal entity.
2.14. Destruction of personal data — actions resulting in irreversible deletion of personal data without the possibility of recovery.
3. Rights and Obligations of the Operator
3.1. The Operator has the right to:
— obtain reliable information and/or documents containing personal data from the data subject;
— continue processing personal data without consent in cases provided by law;
— independently determine necessary and sufficient measures to ensure compliance with legal requirements.
3.2. The Operator is obliged to:
— provide information regarding personal data processing upon request of the data subject;
— organize personal data processing in accordance with Russian legislation;
— respond to requests from data subjects;
— provide information to the authorized data protection body within 10 days upon request;
— publish or otherwise ensure free access to this Policy;
— implement legal, organizational, and technical measures to protect personal data;
— cease processing and destroy personal data when required by law;
— comply with other legal obligations.
4. Rights and Obligations of Data Subjects
4.1. Data subjects have the right to:
— obtain information regarding processing of their personal data;
— require correction, blocking, or deletion of personal data;
— set conditions for prior consent for marketing purposes;
— withdraw consent;
— appeal unlawful actions of the Operator;
— exercise other rights under Russian law.
4.2. Data subjects are obliged to:
— provide accurate personal data;
— inform the Operator of updates or changes.
4.3. Persons providing false data or data of third parties without consent bear liability under Russian law.
5. Principles of Personal Data Processing
5.1. Processing is carried out on a lawful and fair basis.
5.2. Processing is limited to specific, predefined lawful purposes.
5.3. Data sets for incompatible purposes shall not be combined.
5.4. Only data relevant to processing purposes shall be processed.
5.5. Data volume shall not exceed stated purposes.
5.6. Data accuracy and relevance shall be ensured.
5.7. Storage is limited to the period required for processing purposes.
6. Purposes of Personal Data Processing
Purpose: User communication via email notifications.
Personal data processed: full name, email address, phone number, photo.
Processing operations: collection, recording, systematization, accumulation, storage, destruction, depersonalization, and email communication.
7. Conditions for Personal Data Processing
Processing is carried out:
7.1. With the consent of the data subject;
7.2. When required by law or international agreements;
7.3. For judicial or enforcement proceedings;
7.4. For contract execution or conclusion;
7.5. For legitimate interests of the Operator;
7.6. For publicly available data;
7.7. For legally required disclosure.
8. Procedure for Collection, Storage, Transfer and Other Processing
8.1. The Operator ensures data security and prevents unauthorized access.
8.2. Personal data is not transferred to third parties except as required by law or with consent.
8.3. Users may update data via email: d.kozlov@prom-e.su (“Personal Data Update”).
8.4. Storage period is limited to processing purposes. Consent may be withdrawn via email (“Withdrawal of Consent”).
8.5. Third-party services process data independently under their own policies.
8.6. Restrictions on data processing do not apply in public interest cases defined by law.
8.7. Confidentiality of personal data is ensured.
8.8. Data is stored no longer than necessary.
8.9. Processing may be terminated upon completion of purposes, withdrawal of consent, or legal violation.
9. List of Processing Operations
The Operator performs: collection, recording, systematization, accumulation, storage, updating, modification, retrieval, use, transfer, depersonalization, blocking, deletion, destruction.
Automated and non-automated processing methods are used.
10. Cross-Border Data Transfer
10.1. The Operator must notify the authorized data protection body prior to cross-border transfer.
10.2. The Operator must obtain necessary confirmations from foreign recipients before transfer.
11. Confidentiality
The Operator and any persons receiving access to personal data must not disclose or distribute such data without consent unless required by law.
12. Final Provisions
12.1. Users may contact the Operator at d.kozlov@prom-e.su for clarifications.
12.2. The Policy may be updated; the current version remains valid indefinitely until replaced.
12.3. The current version is available at: https://www.prom-e.su/policy_eng