Policy on processing of personal data in "Seismotech, Ltd." Company
1. General provisions
- 1.1. This Policy on personal data processing (hereinafter "Policy") is prepared in accordance with the Section 2 Part 1 Article 18.1, of the Federal Law of the Russian Federation "Personal Data Protection Act" No. 152-FZ dated July 27, 2006 (hereinafter "Law") and defines the position of Seismotech, Ltd. Company (hereinafter "Company") regarding processing and protection of personal data (hereinafter "Data").
- 1.2. This Policy applies to all the information the Company may obtain about the physical person (hereinafter "User") while he uses the, Company's website, services, programs, products or the Company services (hereinafter - Services, Company Services).
- 1.3. The Company notifies that cookies may be used to improve the operation of Services.
- 1.4. The use the Company's Services means the User's unreserved consent to this Policy and the terms and conditions of the processing of his personal data stated in it; in case he disagrees with these conditions, the User should refrain from using the Services. The user is aware that he is not obliged to provide the Company with any personal information.
- 1.5. 1.5. The Company does not verify the accuracy of the personal information provided by the User and has no way to assess the User's competence. However, the Company and the User assume that the User provides accurate and sufficient personal information and keeps this information up to date.
- 1.6. This Policy applies to Data obtained both before and after the entry into force of this Policy.
- 1.7. Understanding the importance and value of the Data, as well as taking care of respecting the constitutional rights of citizens of the Russian Federation and citizens of the other countries, the Company provides the reliable Data protection.
- 2.1. "Data" means:
- • Personal information that the User provides about himself/herself when registering (creating an account) or in the process of using the Services. Such information includes, in particular: full name, year, month, date and place of birth, address, information about education, profession, position and place of work, phone number, e-mail address for contact, information about candidates for vacant positions left by such candidates when filling out the questionnaire, including information contained in the candidate's resume. Mandatory information is marked in a special way. Other information is provided by the User at his discretion.
- • Data that is automatically transmitted as a result of the User's Use with the help of the software installed on the User's device, including IP address, cookies file data, information about the User's browser (or other program with which the Use is accessed), technical characteristics of the hardware and software used by the User, access date and time, addresses of requested pages and other similar information.
- • Other information about the User that is technically possible to obtain.
- 2.2. Data processing shall mean any action (operation) or a combination of actions (operations) with Data carried out with or without the use of automation technologies and or with no use of such means. The mentioned actions (operations) include the following: Data collection, recording, systematisation, processing, storage, alteration (update, modification), retrieval, use, depersonalisation, blocking, deletion or destruction.
- 2.3. Data security means protection of Data against any unauthorised and/or illegal access, destruction, modification, blocking, copying, provision, distribution, and also against any other illegal actions with regard to the Data.
3. Objectives and principles of data processing
- 3.1. The Company carries out the User Data processing for the following purposes:
- 3.1.1. In the case the User (contracting party/future contracting party) is a natural person or representative of corporate entity that are the Company's contracting parties, the purposes are as follows:
- • Identification of the party within the framework of delivery of Services, agreements and contracts with the Company, negotiating for the conclusion and execution of contracts in the various business areas of the Company;
- • Communication with the User, including sending of notifications, requests and information relating to the use of the Services, execution of contracts and delivery of agreements, and also processing of requests from the User for the purpose of agreements conclusion and execution.
- • improving the quality of use of the Services, convenience, development of new features and options for the use of the Services;
- • targeting of advertising and/or informational materials;
- 3.1.2. In the case the User is candidate for job openings, the purposes are as follows:
- • Making decision on conclusion of employment agreement with applicants for vacancies.
- 3.2. In processing the data, the Company is committed to the following principles:
- • Data processing is carried out on a legal and equitable basis;
- • The Data shall not be disclosed to third parties and shall not be distributed without the consent of the Data subject, except for the cases of the Data disclosure on the request of the authorized governmental bodies or legal procedures;
- • Determination of specific legitimate objectives prior to the Data processing (including collection);
- • Only those Data that are necessary and sufficient for the stated purpose of processing shall be collected;
- • No consolidation of databases containing Data to be processed for purposes incompatible with one another is permitted;
- • Data processing is limited to achieving specific, predetermined and legitimate objectives;
- • Upon achieving the processing objectives or when there is no further need in achieving these objectives, the data processed shall be destroyed or depersonalized unless otherwise provided for by federal law;
- • The Company does not carry out cross-border transfers of the Data;
- • The processing of Data in the Company is carried out with the use of means of automation and without the use of such means. The data processing operations shall include the following: Data collection, recording, systematisation, processing, storage, alteration (update, modification), retrieval, use, transfer (provision, access), depersonalisation, blocking, deletion, and destruction.
- 3.3. Personal data is stored by the Company for different periods, depending on its type:
- • "Cookies" files, or anonymized data, are stored on Users' devices depending on the settings, set for the device by the User. The Company stores this information in connection logs for a limited time in order to ensure the security and proper operation of the Website, as well as to collect statistical information.
- • Personal information of applicants to fill vacancies in the Company shall be stored until the Company decides on the admission or refusal to hire if the Company has open positions on the date of receipt of personal data by the applicant, but no more than 10 (ten) working days, in other cases, such data shall be destroyed on the date of receipt by the Company.
- • Other Personal Data, which are necessary to work with the User under paragraph 2.1. of this Policy shall be stored until the User revokes permission for their use.
- 4.1. Cookies are the data stored on the hard drive of a personal computer or in the memory of a mobile device (phone, tablet) by the User's browser. Used cookies do not save personal data and do not collect personal information about the User.
- 4.2. Cookies on this Website are used for the following purposes:
- 4.2.1. Optimization of this Website:
- • The use of "cookies" makes it possible to determine the specifics of the use of this Website by Users for the further improvement of the content and/or functionality. For example, the number of visits to the web pages of the Website, the time of viewing of a particular web page of the Website by the User, the number of pages of the Website viewed and the sequence of viewing the web pages of the Website by the User are monitored.
- • It is also possible to set the User's browser used, the language selected, the country, region, city from which access is made, what search engines the User used to access the Website, and the type of devices through which the User accessed the Website. The IP-addresses of the User's accessing device are transmitted automatically and are stored in anonymized form only. It is impossible to track the User as a physical person based on the IP-address.
- 4.2.2.Targeted Display of Internet Ads.
- • The Company has the right to use information obtained from "cookies" to anonymously analyze the use of the Website in order to place advertising information on the Internet.
5. Measures for proper management of data processing and provision of personal data security
- 5.1. During the Data processing, the Company shall take the necessary legal, organizational, and technical measures to protect the Data against any unauthorised and/or illegal access, destruction, modification, blocking, copying, provision, distribution, and also against any other illegal actions with regard to the Data.
- 5.2. In accordance with the law, such measures include, among others, the following:
- • Appointment of the person responsible for the Data processing and the person responsible for the Data security;
- • Development and approval of the local acts on the Data processing and protection;
- • Application of organizational and technical measures to ensure the Data safety during processing, which are necessary to meet the Data protection requirements, implementation of which provides the Data security levels established by the Government of the Russian Federation;
- • Evaluation of the effectiveness of the Data security measures taken before the personal data system is operational;
- • Control of the measures taken to ensure the Data security and the level of personal data security;
- • Compliance with the conditions precluding unauthorized access to the Data tangible media/material objects and ensuring Data integrity/safety;
- • Familiarizing the employees directly involved in the Data processing with the provisions of the Russian Federation legislation on Data, including Data protection requirements, local Data processing and protection acts, and training of the Company employees.
6. Rights of the users - data subjects
- 6.1. The User is a subject of personal data having the right to receive information on his personal data processing in the Company.
- 6.2. The User that is a subject of personal data entitled to require the Company to update these personal data, block them or destroy them if they are incomplete, out-dated, inaccurate, illegally obtained or cannot be deemed necessary for the stated purpose of processing, and to take legal measures to protect their rights.
- 6.3. In case of any inaccuracies in their personal data, the User can update them himself/herself by sending a notification to the e-mail address email@example.com marked "Update of personal data".
- 6.4. In order to realize and protect its rights and legitimate interests, the User - personal Data subject - is entitled to contact the Company. The Company considers any appeals and complaints from the personal Data subjects, thoroughly investigates violations and takes all necessary measures to eliminate them immediately, punish perpetrators, and settle disputes and conflict situations in the pre-trial order.
7. Final provisions
- 7.1. This Policy is a local regulatory document of the Company. This Policy is publicly available. Accessibility of this Policy is provided by publication on the Company's website: Сайте Компании.
- 7.2. The Company has the right to make changes to this Policy. When changes are made, the recent revision contains the date of the last update. The new revision of the Policy comes into force from the moment it is published, unless otherwise provided for in the new revision of the Policy. The current revision is permanently available on the webpage:
- 7.3. In the case the provisions of this policy fail to be performed, the Company and its employees shall be liable in accordance with the current legislation of the Russian Federation.
- 7.4. Monitoring of compliance with the requirements of this Policy shall be exercised by persons responsible for the organization of the Company's data processing and for the safety of personal data.
- 7.5. Any suggestions or questions regarding this Policy may be addressed by the User to the Marketing Department of Seismotech, LLC using e-mail firstname.lastname@example.org , or to the address: Office 700, bld. 42/1, Bolshoy Blvd., Technopark Office Center, Skolkovo Innovation Center, Moscow, Russia, 121205.
Last updated: April 21, 2022