Privacy policy and personal data processing
1.1 The Personal Data Processing Policy (hereinafter referred to as the "Policy") is issued and applied by TECCOD LLC (hereinafter referred to as the "Operator") in accordance with paragraph 2 of part 1 of Art. 18.1 of the Federal Law of July 27, 2006 N 152-FZ "On Personal Data".
This Policy defines the procedure and conditions of the Operator regarding the processing of personal data, establishes provisions aimed at complying with the legislation of the Russian Federation regarding the processing of personal data.
All issues related to the processing of personal data that are not regulated by this Policy are resolved in accordance with the current legislation of the Russian Federation in the field of personal data.
This Policy defines the procedure and conditions of the Operator regarding the processing of personal data, establishes provisions aimed at complying with the legislation of the Russian Federation regarding the processing of personal data.
All issues related to the processing of personal data that are not regulated by this Policy are resolved in accordance with the current legislation of the Russian Federation in the field of personal data.
1. Introduction.
2. Basic provisions.
2.1. The purpose of processing personal data is: the provision of services by the Operator on behalf of the subject of personal data.
2.2. Processing is organized by the Operator on the principles of:
legitimacy of the purposes and methods of processing personal data, good faith and fairness in the activities of the Operator;
the reliability of personal data, their sufficiency for the purposes of processing, the inadmissibility of processing personal data that is excessive in relation to the purposes stated when collecting personal data;
processing only those personal data that meet the purposes of their processing. The processed personal data should not be excessive in relation to the stated purposes of their processing;
compliance of the content and scope of the processed personal data with the stated purposes of processing.
the inadmissibility of combining databases containing personal data, the processing of which is carried out for purposes that are incompatible with each other;
ensuring the accuracy of personal data, their sufficiency, and, if necessary, relevance in relation to the purposes of processing personal data.
The operator takes the necessary measures or ensures their adoption to remove or clarify incomplete or inaccurate data;
storage of personal data in a form that allows you to determine the subject of personal data, no longer than required by the purposes of processing personal data;
ensuring recording, systematization, accumulation, storage, clarification (updates, changes), extraction of personal data of citizens of the Russian Federation using databases located on the territory of the Russian Federation.
2.3. The operator processes the following personal data:
name, surname of the subject of personal data;
telephone number of the subject of personal data;
e-mail of the subject of personal data.
2.4. The personal data specified above are processed using automation tools and without the use of automation tools. When processing personal data without the use of automation tools, the Operator is guided by the Regulations on the specifics of the processing of personal data carried out without the use of automation tools, approved by Decree of the Government of the Russian Federation of September 15, 2008 N 687.
2.5. When processing personal data, the Operator applies legal, organizational and technical measures to ensure the security of personal data in accordance with Art. 19 of the Federal Law of July 27, 2006 N 152-FZ "On Personal Data". The Operator provides services by placing its Internet site on the site https://getcourse.ru/, which is the software "GETCURS 2.0.", Designed to create an online school and organize the learning process on the Internet. The getcourse.ru site uses the HTTPS extension to the HTTP protocol in order to improve security and protect information.
2.6. The Operator does not disclose to third parties and does not distribute personal data without the consent of the subject of personal data, except as provided by the current legislation of the Russian Federation and this Policy.
2.7. The assessment of the harm that may be caused to personal data subjects in the event that the Operator violates the requirements of the Federal Law of July 27, 2006 N 152-FZ “On Personal Data” is determined in accordance with Art. Art. 15, 151, 152, 1101 of the Civil Code of the Russian Federation.
2.7.1. The ratio of the specified harm and the measures taken by the Operator aimed at preventing, preventing and / or eliminating its consequences is determined in accordance with the Federal Law of the Russian Federation of July 27, 2006 N 152-FZ “On Personal Data”.
2.8. Conditions for processing personal data by the Operator:
1) personal data are processed by the Operator after the acceptance by the subject of personal data of an offer for the provision of services.
2) in accordance with paragraph 5 of Article 6 of the Federal Law of July 27, 2006 No. 152-FZ “On Personal Data”, the subject of personal data accepts the offer on his own initiative and is a party and beneficiary under the contract concluded by him. Separate consent to the processing of personal data of the subject in this case is not required.
3) the terms of this Policy are available to users in the public domain, until the acceptance of the offer for the provision of services.
2.9. The storage of personal data of users is carried out in a form that allows you to determine the subject of personal data.
2.10. Personal data is subject to destruction upon achievement of the purposes of processing. Deletion of personal data is carried out by deleting the account, after which such a record cannot be restored.
2.11. Interaction with federal executive authorities on the processing and protection of personal data of subjects whose personal data is processed by the Operator is carried out within the framework of the legislation of the Russian Federation.
2.2. Processing is organized by the Operator on the principles of:
legitimacy of the purposes and methods of processing personal data, good faith and fairness in the activities of the Operator;
the reliability of personal data, their sufficiency for the purposes of processing, the inadmissibility of processing personal data that is excessive in relation to the purposes stated when collecting personal data;
processing only those personal data that meet the purposes of their processing. The processed personal data should not be excessive in relation to the stated purposes of their processing;
compliance of the content and scope of the processed personal data with the stated purposes of processing.
the inadmissibility of combining databases containing personal data, the processing of which is carried out for purposes that are incompatible with each other;
ensuring the accuracy of personal data, their sufficiency, and, if necessary, relevance in relation to the purposes of processing personal data.
The operator takes the necessary measures or ensures their adoption to remove or clarify incomplete or inaccurate data;
storage of personal data in a form that allows you to determine the subject of personal data, no longer than required by the purposes of processing personal data;
ensuring recording, systematization, accumulation, storage, clarification (updates, changes), extraction of personal data of citizens of the Russian Federation using databases located on the territory of the Russian Federation.
2.3. The operator processes the following personal data:
name, surname of the subject of personal data;
telephone number of the subject of personal data;
e-mail of the subject of personal data.
2.4. The personal data specified above are processed using automation tools and without the use of automation tools. When processing personal data without the use of automation tools, the Operator is guided by the Regulations on the specifics of the processing of personal data carried out without the use of automation tools, approved by Decree of the Government of the Russian Federation of September 15, 2008 N 687.
2.5. When processing personal data, the Operator applies legal, organizational and technical measures to ensure the security of personal data in accordance with Art. 19 of the Federal Law of July 27, 2006 N 152-FZ "On Personal Data". The Operator provides services by placing its Internet site on the site https://getcourse.ru/, which is the software "GETCURS 2.0.", Designed to create an online school and organize the learning process on the Internet. The getcourse.ru site uses the HTTPS extension to the HTTP protocol in order to improve security and protect information.
2.6. The Operator does not disclose to third parties and does not distribute personal data without the consent of the subject of personal data, except as provided by the current legislation of the Russian Federation and this Policy.
2.7. The assessment of the harm that may be caused to personal data subjects in the event that the Operator violates the requirements of the Federal Law of July 27, 2006 N 152-FZ “On Personal Data” is determined in accordance with Art. Art. 15, 151, 152, 1101 of the Civil Code of the Russian Federation.
2.7.1. The ratio of the specified harm and the measures taken by the Operator aimed at preventing, preventing and / or eliminating its consequences is determined in accordance with the Federal Law of the Russian Federation of July 27, 2006 N 152-FZ “On Personal Data”.
2.8. Conditions for processing personal data by the Operator:
1) personal data are processed by the Operator after the acceptance by the subject of personal data of an offer for the provision of services.
2) in accordance with paragraph 5 of Article 6 of the Federal Law of July 27, 2006 No. 152-FZ “On Personal Data”, the subject of personal data accepts the offer on his own initiative and is a party and beneficiary under the contract concluded by him. Separate consent to the processing of personal data of the subject in this case is not required.
3) the terms of this Policy are available to users in the public domain, until the acceptance of the offer for the provision of services.
2.9. The storage of personal data of users is carried out in a form that allows you to determine the subject of personal data.
2.10. Personal data is subject to destruction upon achievement of the purposes of processing. Deletion of personal data is carried out by deleting the account, after which such a record cannot be restored.
2.11. Interaction with federal executive authorities on the processing and protection of personal data of subjects whose personal data is processed by the Operator is carried out within the framework of the legislation of the Russian Federation.
3. Third parties involved in the processing of personal data.
3.1. Sistema GETKURS LLC (https://getcourse.ru/) TIN 9731055900 / KPP 773101001, OGRN 1197746675170, location: 121596, Moscow, Gorbunova street, house 2 building 3, room 3.
3.2. Hosting services and dedicated server services are provided by Selectel LLC https://selectel.ru/about/details.
3.2. Hosting services and dedicated server services are provided by Selectel LLC https://selectel.ru/about/details.
4. Responsible for the processing of personal data.
4.1. The Operator or his legal representative is responsible for the processing of personal data.
4.2. Responsible for the processing of personal data:
4.2.1. exercises internal control over compliance with the legislation of the Russian Federation on personal data, including requirements for the protection of personal data;
4.2.2. controls the acceptance and processing of appeals and requests from personal data subjects or their representatives;
4.2.3. takes measures to detect facts of unauthorized access to personal data;
4.2.4.performs constant monitoring of ensuring the level of protection of personal data;
4.2.5. carries out internal control and (or) audit of the compliance of the processing of personal data with the Federal Law of July 27, 2006 N 152-FZ "On Personal Data" and the regulatory legal acts adopted in accordance with it.
4.2. Responsible for the processing of personal data:
4.2.1. exercises internal control over compliance with the legislation of the Russian Federation on personal data, including requirements for the protection of personal data;
4.2.2. controls the acceptance and processing of appeals and requests from personal data subjects or their representatives;
4.2.3. takes measures to detect facts of unauthorized access to personal data;
4.2.4.performs constant monitoring of ensuring the level of protection of personal data;
4.2.5. carries out internal control and (or) audit of the compliance of the processing of personal data with the Federal Law of July 27, 2006 N 152-FZ "On Personal Data" and the regulatory legal acts adopted in accordance with it.
5. The procedure for ensuring the rights of subjects of personal data by the operator.
5.1. Subjects of personal data or their representatives have the rights provided for by the Federal Law of July 27, 2006 N 152-FZ "On Personal Data".
5.2. The operator ensures the rights of personal data subjects in the manner prescribed by chapters 3 and 4 of the Federal Law of July 27, 2006 N 152-FZ "On Personal Data".
5.3. The authority of the representative to represent the interests of each subject of personal data is confirmed by an appropriate power of attorney.
5.4. The information specified in Part 7 of Art. 22 of the Federal Law of July 27, 2006 N 152-FZ “On Personal Data”, are provided to the subject of personal data in an accessible form without personal data relating to other subjects of personal data, unless there are legal grounds for disclosing such personal data, in in electronic format. At the request of the subject of personal data, they can be duplicated on paper.
5.5. The information specified in Part 7 of Art. 22 of the Federal Law of July 27, 2006 N 152-FZ “On Personal Data”, are provided to the subject of personal data or his representative upon personal contact or upon receipt of a request from the subject of personal data or his representative. The request must contain the number of the main document proving the identity of the subject of personal data or his representative, information about the date of issue of the specified document and the authority that issued it, information confirming the participation of the subject of personal data in relations with the Operator (contract number, date of conclusion of the contract, conditional verbal designation and (or) other information), or information otherwise confirming the fact of processing personal data by the Operator, the signature of the personal data subject or his representative. If it is technically possible, the request may be sent in the form of an electronic document and signed with an electronic signature in accordance with the legislation of the Russian Federation.
5.6. The right of the subject of personal data to access his personal data may be limited in accordance with federal laws.
5.7. The operator is obliged to provide free of charge to the subject of personal data or his representative the opportunity to get acquainted with the personal data relating to this subject of personal data, at the place of his location during working hours.
5.2. The operator ensures the rights of personal data subjects in the manner prescribed by chapters 3 and 4 of the Federal Law of July 27, 2006 N 152-FZ "On Personal Data".
5.3. The authority of the representative to represent the interests of each subject of personal data is confirmed by an appropriate power of attorney.
5.4. The information specified in Part 7 of Art. 22 of the Federal Law of July 27, 2006 N 152-FZ “On Personal Data”, are provided to the subject of personal data in an accessible form without personal data relating to other subjects of personal data, unless there are legal grounds for disclosing such personal data, in in electronic format. At the request of the subject of personal data, they can be duplicated on paper.
5.5. The information specified in Part 7 of Art. 22 of the Federal Law of July 27, 2006 N 152-FZ “On Personal Data”, are provided to the subject of personal data or his representative upon personal contact or upon receipt of a request from the subject of personal data or his representative. The request must contain the number of the main document proving the identity of the subject of personal data or his representative, information about the date of issue of the specified document and the authority that issued it, information confirming the participation of the subject of personal data in relations with the Operator (contract number, date of conclusion of the contract, conditional verbal designation and (or) other information), or information otherwise confirming the fact of processing personal data by the Operator, the signature of the personal data subject or his representative. If it is technically possible, the request may be sent in the form of an electronic document and signed with an electronic signature in accordance with the legislation of the Russian Federation.
5.6. The right of the subject of personal data to access his personal data may be limited in accordance with federal laws.
5.7. The operator is obliged to provide free of charge to the subject of personal data or his representative the opportunity to get acquainted with the personal data relating to this subject of personal data, at the place of his location during working hours.
