PRIVACY POLICY
General Provisions
Key Concepts Used in the Policy
2.1. Automated processing of personal data — processing of personal data using computing technology.
2.2. Blocking of personal data — temporary cessation of processing personal data (except when processing is necessary for clarifying personal data).
2.3. Website — a collection of graphic and informational materials, as well as software and databases that provide access to them on the internet at the network address hitdev.ru/eng/.
2.4. Personal data information system — a collection of personal data contained in databases and information technologies and technical means that ensure their processing.
2.5. Anonymization of personal data — actions resulting in the inability to determine, without using additional information, the belonging of personal data to a specific User or another subject of personal data.
2.6. Processing of personal data — any action (operation) or a combination of actions (operations) performed using automation tools or without such tools with personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, modification), extraction, use, transfer (distribution, provision, access), anonymization, blocking, deletion, destruction of personal data.
2.7. Operator — a state body, municipal body, legal entity or individual that independently or jointly with others organizes and/or carries out the processing of personal data and determines the purposes for processing personal data, the composition of personal data subject to processing, actions (operations) performed with personal data.
2.8. Personal data — any information relating directly or indirectly to a specific or identifiable User of the website hitdev.ru/eng/.
2.9. Personal data permitted by the subject for dissemination — personal data to which an unrestricted circle of persons has been granted access by the subject by giving consent for processing such personal data in accordance with the Personal Data Law (hereinafter referred to as personal data permitted for dissemination).
2.10. User — any visitor to the website hitdev.ru/eng/.
2.11. Provision of personal data — actions aimed at disclosing personal data to a specific person or group of persons.
2.12. Dissemination of personal data — any actions aimed at disclosing personal data to an indefinite circle of persons (transfer of personal data) or making them available to an unrestricted circle of persons, including publication in mass media, placement in information and telecommunication networks or providing access to personal data in any other way.
2.13. Cross-border transfer of personal data — transfer of personal data to a foreign state authority, foreign individual or foreign legal entity.
2.14. Destruction of personal data — any actions resulting in irreversible destruction of personal data with no possibility of further restoration within the information system and/or destruction of physical carriers of personal data.
Operator's Rights and Obligations
3.1. The Operator has the right:
— to receive reliable information and/or documents containing personal data from the subject;
— if the subject withdraws consent for processing their personal data or submits a request for cessation of processing, the Operator has the right to continue processing without consent if there are grounds specified in the Personal Data Law;
— to independently determine the composition and list of measures necessary and sufficient for fulfilling obligations under the Personal Data Law.
3.2. The Operator is obliged:
— to provide information regarding their processing upon request from the subject;
— to organize processing in accordance with current Russian legislation;
— to respond to requests from subjects and their legal representatives according to requirements set forth by law;
— to report necessary information upon request from authorized bodies within 10 days from receipt;
— to publish or otherwise ensure unrestricted access to this Policy regarding processing;
— to take legal, organizational and technical measures for protecting against unauthorized access and other unlawful actions concerning personal data.
Rights and Obligations of Personal Data Subjects
4.1. Personal Data Subjects have the right:
— to receive information regarding their processed personal data except where federal laws provide otherwise;
— to demand correction or destruction if their information is incomplete or outdated;
— to withdraw consent for processing at any time.
4.2. Personal Data Subjects are obliged:
— to provide accurate information about themselves;
— to notify about changes in their details.
4.3. Individuals who provided the Operator with false information about themselves or information about another subject of personal data without the latter's consent shall be held liable in accordance with the legislation of the Russian Federation.
Principles of Personal Data Processing
5.1. The processing of personal data is carried out on a lawful and fair basis.
5.2. The processing of personal data is limited to achieving specific, predetermined, and lawful purposes. The processing of personal data incompatible with the purposes of collection is not allowed.
5.3. The merging of databases containing personal data processed for incompatible purposes is not permitted.
5.4. Only personal data that meets the processing purposes shall be processed.
5.5. The content and scope of processed personal data correspond to the stated purposes of processing. The redundancy of processed personal data in relation to the stated purposes is not allowed.
5.6. When processing personal data, accuracy, sufficiency, and, where necessary, relevance concerning the purposes of processing must be ensured. The Operator takes necessary measures and/or ensures their implementation to delete or clarify incomplete or inaccurate data.
5.7. Personal data shall be stored in a form that allows identifying the subject of personal data for no longer than required by the purposes of processing unless a different storage period is established by federal law, contract, or if the subject of personal data is a party, beneficiary, or guarantor under that contract. Processed personal data shall be destroyed or anonymized upon achieving the processing purposes or when there is no longer a need to achieve those purposes unless otherwise provided by federal law.
Purposes of Personal Data Processing
Purpose of processing: informing the User by sending emails
Conditions for Personal Data Processing
7.1. Personal data processing is carried out with the consent of the subject for processing their personal data.
7.2. Processing is necessary to achieve goals provided by an international treaty of the Russian Federation or law, to fulfill functions, powers, and duties imposed on the operator by Russian legislation.
7.3. Processing is necessary for administering justice, enforcing a court ruling, or an act from another authority or official that must be executed according to Russian law on enforcement proceedings.
7.4. Processing is necessary for executing a contract in which the subject of personal data is a party or beneficiary or guarantor under that contract, as well as for concluding a contract at the initiative of the subject or a contract under which they will be a beneficiary or guarantor.
7.5. Processing is necessary for exercising rights and legitimate interests of the operator or third parties or achieving socially significant goals provided that it does not violate the rights and freedoms of the subject of personal data.
7.6. Processing occurs for personal data to which access has been granted to an unlimited circle by the subject or at their request (hereinafter referred to as publicly available personal data).
7.7. Processing occurs for personal data that must be published or disclosed according to federal law.
8.1. The Operator ensures the security of personal data and takes all possible measures to prevent unauthorized access to personal data.
8.2. The User's personal data will never be transferred to third parties under any circumstances, except in cases related to compliance with applicable law or if the subject of personal data has given consent to the Operator for transferring data to a third party for fulfilling obligations under a civil law contract.
8.3. In case of identifying inaccuracies in personal data, the User can update them independently by sending a notification to the Operator's email address invest@hi-tech.ru marked "Update of Personal Data."
8.4. The duration of personal data processing is determined by achieving the purposes for which the personal data was collected, unless a different duration is specified in a contract or applicable legislation. The User can withdraw their consent for processing personal data at any time by sending a notification via email to the Operator at invest@hi-tech.ru marked "Withdrawal of Consent for Personal Data Processing."
8.5. All information collected by third-party services, including payment systems, communication means, and other service providers, is stored and processed by these entities (Operators) in accordance with their User Agreement and Privacy Policy documents. The subject of personal data should familiarize themselves with these documents. The Operator is not responsible for the actions of third parties, including those service providers mentioned in this paragraph.
8.6. Restrictions established by the subject of personal data on transfer (except for granting access) as well as on processing or conditions for processing (except for obtaining access) regarding publicly available personal data do not apply when processing such data in state, public, and other public interests defined by Russian legislation.
8.7. The Operator ensures confidentiality when processing personal data.
8.8. The Operator stores personal data in a form that allows identifying the subject of personal data for no longer than required by the purposes of processing unless a different storage period is established by federal law, contract, or if the subject of personal data is a party, beneficiary, or guarantor under that contract.
- This personal data processing policy is developed in accordance with the requirements of Federal Law No. 152-FZ "On Personal Data" dated July 27, 2006 (hereinafter referred to as the Personal Data Law) and defines the procedure for processing personal data and measures for ensuring the security of personal data taken by LLC "HITECH Development" (hereinafter referred to as the Operator).
- 1.1. The Operator's primary goal and condition for conducting its activities is to respect the rights and freedoms of individuals when processing their personal data, including the protection of privacy, personal, and family secrets.
- 1.2. This Operator's policy regarding personal data processing (hereinafter referred to as the Policy) applies to all information that the Operator may obtain about visitors to the website hitdev.ru/eng/.
Key Concepts Used in the Policy
2.1. Automated processing of personal data — processing of personal data using computing technology.
2.2. Blocking of personal data — temporary cessation of processing personal data (except when processing is necessary for clarifying personal data).
2.3. Website — a collection of graphic and informational materials, as well as software and databases that provide access to them on the internet at the network address hitdev.ru/eng/.
2.4. Personal data information system — a collection of personal data contained in databases and information technologies and technical means that ensure their processing.
2.5. Anonymization of personal data — actions resulting in the inability to determine, without using additional information, the belonging of personal data to a specific User or another subject of personal data.
2.6. Processing of personal data — any action (operation) or a combination of actions (operations) performed using automation tools or without such tools with personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, modification), extraction, use, transfer (distribution, provision, access), anonymization, blocking, deletion, destruction of personal data.
2.7. Operator — a state body, municipal body, legal entity or individual that independently or jointly with others organizes and/or carries out the processing of personal data and determines the purposes for processing personal data, the composition of personal data subject to processing, actions (operations) performed with personal data.
2.8. Personal data — any information relating directly or indirectly to a specific or identifiable User of the website hitdev.ru/eng/.
2.9. Personal data permitted by the subject for dissemination — personal data to which an unrestricted circle of persons has been granted access by the subject by giving consent for processing such personal data in accordance with the Personal Data Law (hereinafter referred to as personal data permitted for dissemination).
2.10. User — any visitor to the website hitdev.ru/eng/.
2.11. Provision of personal data — actions aimed at disclosing personal data to a specific person or group of persons.
2.12. Dissemination of personal data — any actions aimed at disclosing personal data to an indefinite circle of persons (transfer of personal data) or making them available to an unrestricted circle of persons, including publication in mass media, placement in information and telecommunication networks or providing access to personal data in any other way.
2.13. Cross-border transfer of personal data — transfer of personal data to a foreign state authority, foreign individual or foreign legal entity.
2.14. Destruction of personal data — any actions resulting in irreversible destruction of personal data with no possibility of further restoration within the information system and/or destruction of physical carriers of personal data.
Operator's Rights and Obligations
3.1. The Operator has the right:
— to receive reliable information and/or documents containing personal data from the subject;
— if the subject withdraws consent for processing their personal data or submits a request for cessation of processing, the Operator has the right to continue processing without consent if there are grounds specified in the Personal Data Law;
— to independently determine the composition and list of measures necessary and sufficient for fulfilling obligations under the Personal Data Law.
3.2. The Operator is obliged:
— to provide information regarding their processing upon request from the subject;
— to organize processing in accordance with current Russian legislation;
— to respond to requests from subjects and their legal representatives according to requirements set forth by law;
— to report necessary information upon request from authorized bodies within 10 days from receipt;
— to publish or otherwise ensure unrestricted access to this Policy regarding processing;
— to take legal, organizational and technical measures for protecting against unauthorized access and other unlawful actions concerning personal data.
Rights and Obligations of Personal Data Subjects
4.1. Personal Data Subjects have the right:
— to receive information regarding their processed personal data except where federal laws provide otherwise;
— to demand correction or destruction if their information is incomplete or outdated;
— to withdraw consent for processing at any time.
4.2. Personal Data Subjects are obliged:
— to provide accurate information about themselves;
— to notify about changes in their details.
4.3. Individuals who provided the Operator with false information about themselves or information about another subject of personal data without the latter's consent shall be held liable in accordance with the legislation of the Russian Federation.
Principles of Personal Data Processing
5.1. The processing of personal data is carried out on a lawful and fair basis.
5.2. The processing of personal data is limited to achieving specific, predetermined, and lawful purposes. The processing of personal data incompatible with the purposes of collection is not allowed.
5.3. The merging of databases containing personal data processed for incompatible purposes is not permitted.
5.4. Only personal data that meets the processing purposes shall be processed.
5.5. The content and scope of processed personal data correspond to the stated purposes of processing. The redundancy of processed personal data in relation to the stated purposes is not allowed.
5.6. When processing personal data, accuracy, sufficiency, and, where necessary, relevance concerning the purposes of processing must be ensured. The Operator takes necessary measures and/or ensures their implementation to delete or clarify incomplete or inaccurate data.
5.7. Personal data shall be stored in a form that allows identifying the subject of personal data for no longer than required by the purposes of processing unless a different storage period is established by federal law, contract, or if the subject of personal data is a party, beneficiary, or guarantor under that contract. Processed personal data shall be destroyed or anonymized upon achieving the processing purposes or when there is no longer a need to achieve those purposes unless otherwise provided by federal law.
Purposes of Personal Data Processing
Purpose of processing: informing the User by sending emails
- Personal data: last name, first name, patronymic; phone numbers
- Legal basis: statutory (founding) documents of the Operator
- Types of personal data processing: collection, recording, systematization, accumulation, storage, destruction, and anonymization of personal data.
Conditions for Personal Data Processing
7.1. Personal data processing is carried out with the consent of the subject for processing their personal data.
7.2. Processing is necessary to achieve goals provided by an international treaty of the Russian Federation or law, to fulfill functions, powers, and duties imposed on the operator by Russian legislation.
7.3. Processing is necessary for administering justice, enforcing a court ruling, or an act from another authority or official that must be executed according to Russian law on enforcement proceedings.
7.4. Processing is necessary for executing a contract in which the subject of personal data is a party or beneficiary or guarantor under that contract, as well as for concluding a contract at the initiative of the subject or a contract under which they will be a beneficiary or guarantor.
7.5. Processing is necessary for exercising rights and legitimate interests of the operator or third parties or achieving socially significant goals provided that it does not violate the rights and freedoms of the subject of personal data.
7.6. Processing occurs for personal data to which access has been granted to an unlimited circle by the subject or at their request (hereinafter referred to as publicly available personal data).
7.7. Processing occurs for personal data that must be published or disclosed according to federal law.
8.1. The Operator ensures the security of personal data and takes all possible measures to prevent unauthorized access to personal data.
8.2. The User's personal data will never be transferred to third parties under any circumstances, except in cases related to compliance with applicable law or if the subject of personal data has given consent to the Operator for transferring data to a third party for fulfilling obligations under a civil law contract.
8.3. In case of identifying inaccuracies in personal data, the User can update them independently by sending a notification to the Operator's email address invest@hi-tech.ru marked "Update of Personal Data."
8.4. The duration of personal data processing is determined by achieving the purposes for which the personal data was collected, unless a different duration is specified in a contract or applicable legislation. The User can withdraw their consent for processing personal data at any time by sending a notification via email to the Operator at invest@hi-tech.ru marked "Withdrawal of Consent for Personal Data Processing."
8.5. All information collected by third-party services, including payment systems, communication means, and other service providers, is stored and processed by these entities (Operators) in accordance with their User Agreement and Privacy Policy documents. The subject of personal data should familiarize themselves with these documents. The Operator is not responsible for the actions of third parties, including those service providers mentioned in this paragraph.
8.6. Restrictions established by the subject of personal data on transfer (except for granting access) as well as on processing or conditions for processing (except for obtaining access) regarding publicly available personal data do not apply when processing such data in state, public, and other public interests defined by Russian legislation.
8.7. The Operator ensures confidentiality when processing personal data.
8.8. The Operator stores personal data in a form that allows identifying the subject of personal data for no longer than required by the purposes of processing unless a different storage period is established by federal law, contract, or if the subject of personal data is a party, beneficiary, or guarantor under that contract.
- 8.9. Conditions for ceasing personal data processing may include achieving the purposes of processing personal data, expiration of consent validity from the subject of personal data, withdrawal of consent by the subject of personal data or request to cease processing personal data, as well as identification of unlawful processing of personal data.List of Actions Performed by the Operator with Received Personal Data
- 9.1. The Operator carries out collection, recording, systematization, accumulation, storage, clarification (updating, modification), extraction, use, transfer (distribution, provision, access), anonymization, blocking, deletion, and destruction of personal data.
- 9.2. The Operator performs automated processing of personal data with obtaining and/or transferring received information through information and telecommunications networks or without such means.
- Cross-Border Transfer of Personal Data
- 10.1. Before starting cross-border transfer activities involving personal data, the Operator must notify the authorized body for protecting the rights of subjects of personal data about its intention to carry out cross-border transfer (this notification is sent separately from the notification about intentions to process personal data).
- 10.2. Before submitting the above notification, the Operator must obtain relevant information from foreign state authorities, foreign individuals, or foreign legal entities to whom cross-border transfer of personal data is planned.
- Confidentiality of Personal Data
- The Operator and other individuals who have access to personal data are obliged not to disclose it to third parties and not to distribute it without consent from the subject of personal data unless otherwise provided by federal law.
- Final Provisions
- 12.1. The User can obtain any clarifications regarding issues related to the processing of their personal data by contacting the Operator via email at docin@hi-tech.ru.
- 12.2. This document will reflect any changes to the Operator's policy on processing personal data. The policy remains in effect indefinitely until replaced by a new version.
- 12.3. The current version of the Policy is freely available on the Internet at https://hitdev.ru/eng/privacy.