Privacy policy

1. General provisions

1.1 This Privacy Policy (hereinafter referred to as the Policy) defines the basic principles, goals, conditions and methods of personal data processing cGIS TECHNOLOGIES Limited Liability Company, OGRN 1213900002271, TIN 3906399703, legal address: 236029, Kaliningrad region, Kaliningrad, Arsenalny Lane, 80-90, block section 82 (hereinafter referred to as Operator).

1.2 This Policy has been developed in compliance with the requirements of Clause 2, Part 1, Article 18.1 of Federal Law No. 152-FZ dated 27.07.2006 "On Personal Data" (hereinafter referred to as the Personal Data Law), taking into account the requirements of the Law on Personal Data and other regulatory legal acts of the Russian Federation in the field of personal data.

1.3 This Policy applies to all operations performed by the Operator with personal data with or without the use of automation tools. The operator processes the personal data of the personal data subject only if they are filled in and/or sent by the personal data subject independently through the forms on the website https://cgis.io/ru/ where user data will be collected (hereinafter referred to as the Site). By filling out the appropriate forms and/or sending their personal data to the Operator, the personal data subject agrees to this Policy.

1.4 The personal data subject independently decides on the provision of his personal data and gives consent freely, voluntarily and in his own interest.

1.5 This Policy is subject to updating at the initiative of the Operator, as well as in the event of changes in the legislation of the Russian Federation on personal data.

2. Basic concepts

2.1 For the purposes of this Policy, the following terms are used in the following meaning:

Personal data is any information related directly or indirectly to a specific or identifiable natural person (personal data subject).

Biometric personal data is information that characterizes the physiological and biological characteristics of a person, on the basis of which it is possible to establish his identity.

Personal data processing is any action (operation) or set of actions (operations) performed with or without the use of automation tools with personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, modification), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction of personal data.

Automated personal data processing is the processing of personal data using computer technology.

Dissemination of personal data is an action aimed at disclosing personal data to an unspecified group of people.

Providing personal data is an action aimed at disclosing personal data to a specific person or a specific circle of people.

Blocking of personal data is the temporary termination of the processing of personal data (except in cases where the processing is necessary to clarify personal data).

Destruction of personal data - actions as a result of which it becomes impossible to restore the content of personal data in the personal data information system and (or) as a result of which the material carriers of personal data are destroyed.

Depersonalization of personal data is an action that makes it impossible to determine whether personal data belongs to a specific personal data subject without using additional information.

The subject of personal data is an individual who can be directly or indirectly identified using personal data.

Consent to the processing of personal data, Consent is a written or digital document that confirms the Subject's voluntary decision to transfer personal data to the Operator in the amount, on the terms and for the purposes defined by this Policy and agreements concluded between the Subject and the Operator.

3. Principles and purposes of personal data processing

3.1 The processing of personal data by the Operator is carried out taking into account the need to ensure the protection of the rights and freedoms of personal data subjects, including the protection of the right to privacy, personal and family secrets, based on the following principles:

– the processing of personal data is carried out on a legal basis;

– the processing of personal data is limited to the achievement of specific, predetermined and legitimate purposes;

– processing of personal data incompatible with the purposes of personal data collection is not allowed.;

– the content and volume of personal data processed correspond to the stated purposes of processing. Redundancy of the processed personal data in relation to the stated purposes of their processing is not allowed.;

– when processing personal data, the accuracy of personal data, their sufficiency, and, if necessary, relevance to the purposes of personal data processing are ensured.;

– personal data is stored in a form that makes it possible to identify the subject of personal data for no longer than the purposes of personal data processing require, unless the period of personal data storage is established by federal law, an agreement to which the Personal Data Subject is a party, beneficiary or guarantor.;

– the personal data being processed is destroyed or depersonalized upon achievement of the processing objectives or in case of loss of the need to achieve these objectives, unless otherwise provided by federal law.

3.2 The processing of personal data by the Operator is carried out for the following purposes:

– identification of the Subject in order to conclude any contracts with the Operator and their further execution;

– the Operator conducts promotions, surveys, interviews, tests and research on the Website;

– establishing feedback with the Subject, including, but not limited to: sending newsletters, notifications in the form of SMS, emails, oral and written requests, processing requests and requests from the Subject;

– confirmation of the accuracy and completeness of the personal data provided by the Subject;

– statistical and other research and (or) analytical purposes, subject to depersonalization of the Subject's personal data.

4. Scope and categories of personal data processed, categories of personal data subjects

4.1 The Operator may process the personal data of the following Subjects:

– counterparties — individuals and representatives of counterparties — legal entities;

– Site visitors.

4.2 Personal data processed by the Operator includes:

– last name, first name, patronymic of the Personal data Subject;

– the address of the place of residence/stay or other address specified by the Subject when concluding contracts with the Operator;

– mobile phone number;

– e-mail address;

– the history of requests and views on the Site and its services;

– cookies, information about the user's location, information about the user's actions on the Site, information about the user's equipment, date and time of the session.

4.3 The Operator ensures that the content and volume of the personal data being processed correspond to the stated purposes of processing and, if necessary, takes measures to eliminate their redundancy in relation to the stated purposes of processing.

5. Procedure and conditions of personal data processing

5.1 The processing of personal data by the Operator is carried out in the following ways:

– non-automated processing of personal data;

– automated processing of personal data with or without transmission of the received information via information and telecommunication networks, including processing using automated database management systems and other software tools;

– mixed processing of personal data.

5.2 The list of actions performed by the Operator with personal data: collection, systematization, accumulation, storage, clarification (updating, modification), use, distribution (including transfer), depersonalization, blocking, destruction on the territory of the Russian Federation in accordance with the current legislation of the Russian Federation.

5.3 The personal data subject decides on the provision of his personal data and gives Consent freely, voluntarily and in his own interest.

5.4 The Operator does not process biometric personal data.

5.5 There is no cross-border transfer of personal data by the Operator.

5.6 The Operator does not process special categories of personal data related to race, nationality, political views, religious or philosophical beliefs, or intimate life.

5.7 The condition for termination of personal data processing may be the achievement of the purposes of personal data processing, the expiration of Consent or withdrawal of Consent by the Personal data Subject, as well as the identification of unlawful processing of personal data.

5.8 The period of personal data processing is unlimited. The Subject may revoke his Consent to the processing of personal data at any time by sending an e-mail notification to the Operator to the Operator's e-mail address specified in section 10 of this Policy, marked "Revocation of consent to the processing of personal data".

5.9 The Operator undertakes to stop processing the Subject's personal data within 5 (five) business days from the date of receipt of the notification in accordance with clause 5.8 of this Policy.

6. Basic rights and obligations

6.1 The Operator has the right to:

6.1.1 receive reliable information and/or documents containing personal data from the Subject;

6.1.2 require the Personal Data Subject to provide timely clarification of the personal data provided.

6.2 The Operator is obliged to:

6.2.1 process personal data in accordance with the procedure established by the current legislation of the Russian Federation;

6.2.2 consider the requests of the Personal Data Subject (his legal representative) regarding the processing of personal data and provide reasoned answers;

6.2.3 provide the Personal data Subject (his legal representative) with the opportunity to freely access his personal data free of charge;

6.2.4 take measures to clarify and destroy the personal data of the personal data subject in connection with his (his legal representative's) handling of legitimate and reasonable demands;

6.2.5 organize the protection of personal data in accordance with the requirements of the legislation of the Russian Federation.

6.3 Subjects of personal data have the right to:

6.3.1 full information about their personal data processed by the Operator;

6.3.2 the right to access their personal data, including the right to receive a copy of any record containing their personal data, except in cases provided for by federal law;

6.3.3 to clarify their personal data, to block or destroy them in cases where the personal data is incomplete, outdated, inaccurate, illegally obtained or is not necessary for the stated purpose of processing;

6.3.4 withdrawal of Consent to the processing of personal data;

6.3.5 to take measures provided for by law to protect their rights;

6.3.6 to exercise other rights provided for by the legislation of the Russian Federation.

6.4 Subjects of personal data are obliged to:

6.4.1 provide the Operator with reliable personal information;

6.4.2 provide documents containing personal data to the extent necessary for the purpose of processing;

6.4.3 inform the Operator about the clarification (updating, modification) of their personal data.

6.5 Persons who have provided the Operator with false information about themselves or information about another Personal Data Subject without the latter's consent are liable in accordance with the legislation of the Russian Federation.

7. Dispute resolution procedure

7.1 All disputes and disagreements that may arise between the Operator and the Subjects on issues that have not been resolved in the text of the Policy must be resolved through negotiations.

7.2 The Parties are obliged to comply with the claims procedure for dispute resolution. Before filing a claim with the court for disputes arising from the relationship between the Entity and the Operator, a claim is submitted (a written proposal for a voluntary settlement of the dispute). The claim review period is 30 (thirty) calendar days from the date of receipt of the claim, unless another procedure for pre-trial settlement is established by the current legislation of the Russian Federation.

7.3 If disputes are not resolved during the negotiation process, disputes arising from the Policy are resolved in a court of general jurisdiction at the Operator's location. The current legislation of the Russian Federation applies to this Policy and the relations between the Entity and the Operator.

8. Final provisions

8.1 The Operator has the right to make changes to this Policy. When making changes to the current version, the date of the last update is indicated. The new version of the Policy comes into force from the moment it is posted on the Website, unless otherwise provided by the new version of the Policy. The current version is always available on the Website.

8.2 This Policy approves the Consent form for the processing of personal data of users of the Site (Appendix No. 1 to this Policy), which is publicly available on the Site at the link: https://cgis.io/ru/

9. Operator's details

cGIS TECHNOLOGIES Limited Liability Company

Address: 82 Arsenalny Lane, Kaliningrad, 236029

OGRN: 1213900002271

INN: 3906399703

Email address: info@cgis.io

Phone: +7 (906) 237 55 19

sv_SESvenska
ru_RUРусский en_USEnglish sv_SESvenska