Privacy policy | Mark Rodovsky

PRIVACY POLICY STATEMENT

(hereinafter referred to as the "Regulation")

1. GENERAL PROVISIONS

1.1. This Regulation on the Privacy Policy of Personal Data is an official document of Individual Entrepreneur Rodovsky Mark Igorevich, OGRNIP 18774600471439 (hereinafter referred to as the "Operator") and defines the procedure for processing personal data and measures to ensure the security of personal data of individuals (hereinafter referred to as the "Personal Data Subject", the "Subject") using the services, information, programs and products of the Operator on the website located on the domain name of the markrodovsky.com (hereinafter referred to as the "Website") and the official pages of the Operator on social networks.
1.2. This Regulation applies to all personal data that can be obtained from individuals by the Operator during registration of individuals on the Website.
1.3. This Regulation shall be applied by the Operator in accordance with the Federal Law No. 152-FZ "On Personal Data" dated 27.07.2006, the Federal Law No. 38-FZ "On Advertising" of March 13, 2006, and other regulations in the field of personal data protection valid in the territory of the Russian Federation and aimed at preventing violations of the legislation of the Russian Federation, eliminating the consequences of such violations related to the processing of personal data.
1.4. The operator sets as its goal and condition for the implementation of its activities the observance of the rights and freedoms of a person and a citizen when processing his personal data, including the protection of the rights to privacy, personal and family secrets from unauthorized access and disclosure.
1.5. The processing of personal data is carried out on a legal and fair basis, acting reasonably and in good faith and on the basis of the principles:
• legality of personal data processing purposes and methods;
• good faith;
• compliance of the purposes of processing personal data with the goals predetermined and stated when collecting personal data, as well as with the Operator's powers;
• compliance of the scope and nature of personal data processed, methods of personal data processing with the purposes of personal data processing.
1.6. The Operator may process the following personal data:
• First Name and Last Name;
• Date of Birth;
• Phone Number;
• E-mail address;
• Data on services rendered and being rendered to the Subject of the personal data, including the history of addresses of the Subject;
• the history of appeals of the Subject of personal data, including messages of the Subject and documents sent by the Subject at the addresses to the Operator.
• delivery address of Goods of the Operator.
1.7. When using the services of the Website, the Operator also processes other impersonal data that is automatically transmitted during the use of the Website using the software installed on the computer:
• information about the browser used (or other program that accesses the website);
• IP address;
• cookie data.
1.8. The Operator guarantees that organizations external to the Operator do not have access to such data that can be used by the Operator, except as expressly stipulated by the current legislation of the Russian Federation and this Regulation, as well as except for the cases specified in paragraph 3.7 of this Regulation. Upon receipt of personal data not specified in this section, such data shall be immediately destroyed.
1.9. The Operator processes personal data of the Subjects by maintaining databases using automated and mechanical manual means for the following purposes:
1.9.1. processing of orders, requests or other actions of the Personal Data Subject related to the visit to the Site, ordering of services including, but not limited to, services on request of prices for goods presented in catalogs;
1.9.2. for the purpose of promotion of the Operator's goods, works and services on the market, notification of promotions, events, discounts, marketing campaigns of the Operator in case of expressed consent of the personal data Subject,.
1.9.3. for other purposes, if the relevant actions of the Operator do not contradict the current legislation, the Operator's activities, and the consent of the personal data subject has been obtained for the said processing.
1.9.4. the data specified in clause 1.6 of these Regulations are processed for the purpose of Website analytics, tracking and understanding the principles of Website use by visitors, improving the functioning of the Website, solving technical problems of the Website, developing new products, expanding services, identifying the popularity of goods and determining the effectiveness of advertising campaigns; ensuring the security and prevention of fraud, providing effective customer support (displaying nearby boutiques, etc.).
1.10. The Operator processes personal data by performing any action (operation) or set of actions (operations), including the following:
• collection;
• recording;
• systematization;
• accumulation;
• storage;
• clarification (update, change);
• extraction;
• use;
• transmission (distribution, provision, access);
• depersonalization;
• blocking;
• removal;
• destruction.
1.11. When making payments, personal information provided by the Subject (name, address, phone number, e-mail, bank card number) is not stored on the Operator's Web server and is provided only to the partner bank. No payment information other than payment notification shall be transmitted by the Operator's partner bank. The security of payment processing, including Internet payments, is guaranteed by partner banks. All resources of partner banks comply with PCI DSS security standards, have all the necessary permissions and certificates.

2. RECEIVING, USE AND DISCLOSURE OF PERSONAL DATA

2.1. The Operator receives and starts processing personal data of the Subject from the moment of obtaining its consent.
Consent to the processing of personal data may be given by the Subject of personal data in any form that allows confirming the fact of obtaining consent, unless otherwise established by federal law: in writing, oral or other form provided for by the current legislation, including by the Subject of personal data conclusive actions. In the absence of consent of the personal data Subject to the processing of his personal data, such processing is not carried out.
2.2. Personal data of personal data Subjects shall be obtained by the Operator:
• by personal transfer of personal data by the Subject when entering information into accounting forms in electronic form on the Website;
• by personal transmission of personal data by the Subject in oral form by telephone in the process of issuing an order for the provision of the service;
• by personal transfer of personal data by the Subject when entering information in electronic form on the Website;
• in other ways that do not contradict the legislation of the Russian Federation and the requirements of international legislation on the protection of personal data.
2.3. Consent to processing of personal data is considered the Subject of personal data of any action or set of the following actions provided by means of commission:
• registration on the Website of the Operator;
• putting down on the Website in the corresponding form of a mark of consent to processing of personal data in volume, for the purposes and as it should be, provided in the text offered before receiving consent for acquaintance;
• messages of personal data in an oral form, at the address by phone in process execution of the order on rendering services.
• messages of personal data in writing in process execution of the order.
2.4. The Consent shall be deemed to have been obtained in accordance with the established procedure and shall be valid until the Personal Data Subject sends a corresponding application for termination of processing of personal data at the Operator's location.
2.5. The personal data subject may at any time withdraw his consent to the processing of personal data, provided that such a procedure does not violate the requirements of the legislation of the Russian Federation. To withdraw consent to the processing of personal data, the Personal Data Subject must send a message to the administrator of the official page of the online store on social networks.
In case of withdrawal of consent to personal data processing by the personal data Subject, the Operator shall stop processing or ensure termination of such processing (if processing is carried out by another person acting on behalf of the Operator) and if the preservation of personal data is no longer required for the purposes of its processing, destroy personal data or ensure their destruction (if the processing of personal data is carried out by another person acting on behalf of the Operator) within a period not exceeding thirty (30) days from the date of receipt of said recall, unless otherwise provided by an agreement to which the Personal Data Subject is a party, beneficiary or guarantor, other agreement between the Operator and the Personal Data Subject, or if the Operator is not entitled to process personal data without the consent of the Personal Data Subject on the grounds of, provided for by Federal Law N 152-FZ "On Personal Data" of 27.07.2006 or other federal laws.
2.6. In case of identification of inaccuracies in personal data, the User can update them by sending a message to the administrator of the official page of the online store on social networks.

3. INFORMATION ON IMPLEMENTED REQUIREMENTS FOR PERSONAL DATA PROTECTION

3.1. Activities of the Operator for processing of personal data are inseparably linked with protection by the Operator of confidentiality of the obtained information.
3.2. The operator demands from the other persons who got access to personal data not to open to the third parties and not to distribute personal data without the consent of the Subject of personal data if other isn't provided by the federal law.
3.3. All employees of Operator are obliged to provide confidentiality of personal data and also other data established by the Operator if it doesn't contradict the current legislation of the Russian Federation.
3.4. In order to ensure the security of personal data during its processing, the Operator shall take the necessary and sufficient legal, organizational and technical measures to protect personal data from unlawful or accidental access to it, destruction, modification, blocking, copying, provision, distribution of personal data, as well as from other illegal actions against them. The Operator shall ensure that all measures implemented for organizational and technical protection of personal data are carried out legally, including in accordance with the requirements of the legislation of the Russian Federation on the processing of personal data.
3.5. The Operator shall apply the necessary and sufficient legal, organizational and technical measures to ensure the security of personal data, including:
• identification of threats to the security of personal data during their processing in personal data information systems;
• the use of organizational and technical measures to ensure the security of personal data during their processing in personal data information systems, necessary to fulfil the requirements for the protection of personal data, the fulfilment of which ensures the levels of personal data security established by the Government of the Russian Federation;
• the use of information protection tools that have passed the established procedure for assessing the compliance of information protection tools;
• assessment of the effectiveness of measures taken to ensure the security of personal data before the commissioning of the personal data information system;
• accounting of machine-based personal data carriers;
• detection of unauthorized access to personal data and taking measures;
• recovery of personal data modified or destroyed as a result of unauthorized access to them;
• carrying out measures aimed at preventing unauthorized access to personal data and (or) transferring them to persons who do not have the right to access such information;
• timely detection of facts of unauthorized access to personal data and taking the necessary measures;
• prevention of impact on technical means of automated processing of personal data, as a result of which their functioning may be disrupted;
• establishing rules for access to personal data processed in the personal data information system, as well as ensuring registration and accounting of all actions performed with personal data in the personal data information system;
• control over the measures taken to ensure the security of personal data and the level of security of personal data information systems.
3.6. In order to ensure compliance of the level of personal data protection with the requirements of the Federal Law of 27.07.2006 N 152-FZ "On Personal Data" and the Federal Law of 27.07.2006 N 149-FZ "On Information, Information Technologies and Information Protection," the Operator does not disclose information on the specific means and measures used to ensure the information security of personal data.
3.7. The Operator undertakes not to disclose the information received from the Personal Data Subject. It shall not be considered a violation of the provision of information by the Operator to agents and third parties acting on the basis of the agreement with the Operator for the performance of obligations to the Personal Data Subject. It is not considered a violation of the obligation to disclose information in accordance with the reasonable and applicable requirements of the law.

4. CONSENT TO RECEIVING THE ADVERTISEMENT ON NETWORKS OF TELECOMMUNICATION

4.1. By making an Order on the Operator's website, the Subject automatically agrees to receive mailing/advertising information:
4.2. By giving the consent specified in clause 4.1 of this Regulation, the Personal Data Subject confirms that it acts in its own will and in its own interests, as well as that the specified personal data are reliable.
4.3. The Subject realizes that the Operator may use pixel retargeting in social networks for the following purposes:
• in order to remind the Subject that he was interested in the Operator's brand/product (for example, a reminder to hold a special competition);
• to offer to continue the action not completed on the Website (for example, pay for goods from the cart);
• to exclude active customers from the target audience of future advertising campaigns;
• for the purpose of researching the audience who visits the Website.

5. CROSS-BORDER TRANSFER OF PERSONAL DATA

5.1. Before the start of the cross-border transfer of personal data, the operator is obliged to make sure that a foreign state to the territory of which personal data is supposed to be transferred ensures reliable protection of the rights of personal data subjects.
5.2. The cross-border transfer of personal data on the territory of foreign states that do not meet the above requirements may be carried out only if the personal data subject agrees in writing to the cross-border transfer of his personal data and/or the execution of the contract to which the personal data subject is a party.

6. FINAL PROVISIONS

6.1. The User can get any clarification on the questions of interest regarding the processing of his or her personal data by sending a message to the administrator of the official page of the online store on social networks. This document will reflect any changes in the personal data processing policy by the Operator. The provision is valid indefinitely until replaced with a new version. The current version of the Regulation in the public domain is located on the Website.