Extract from Personal Data Processing Policy of Cognitive Synergy Software Limited Liability Company
1. General provisions.
1.1. This Extract from the Personal Data Processing Policy in Cognitive Synergy Software Limited Liability Company (hereinafter referred to as the Extract from the Policy) regulates the processing of personal data on the official website of Cognitive Synergy Software Limited Liability Company (hereinafter referred to as CS Software LLC) in the information and telecommunication network Internet at the address: https://cs-soft.ru/.
1.2. The Extract from the Policy was compiled in accordance with the provisions of Federal Law No. 152-FZ "On Personal Data" dated July 27, 2006 (hereinafter, No. 152-FZ) and other regulatory acts of the Russian Federation regulating relations in the field of personal data protection.
1.3. The Extract from the Policy defines the purposes of personal data processing, categories and list of processed personal data, categories of personal data subjects, principles and conditions of personal data processing, as well as personal data protection measures aimed at ensuring the fulfillment by CS Software LLC as a personal data operator (hereinafter referred to as the Operator) of the duties provided for by the current legislation exclusively for processing personal data on the Operator's official website.
1.4. The Extract from the Policy applies to any information containing personal data that the Operator processes on the official website in the information and telecommunication network Internet at https://cs-soft.ru/.
1.5. The Extract from the Policy is subject to revision in the course of periodic analysis by the Operator, as well as in cases of changes in the legislation of the Russian Federation in the field of personal data. The Operator has the right to unilaterally make changes to this Extract from the Policy without prior notice to the User, and any changes come into force from the moment of their publication on the official website at https://cs-soft.ru/.
1.6. The current full version of the Personal Data Processing Policy of CS Software LLC is provided to the general public and is located on the Operator's official website on the Internet at: https://cs-soft.ru/disclosure/.
2. Basic concepts.
2.1. Personal data are any information related to a directly or indirectly defined or determined individual (personal data subject).
2.2. Operator is a legal entity that independently or jointly with other entities organizes and (or) processes personal data, as well as determines the purpose of processing personal data, the composition of personal data to be processed, and actions (operations) performed with personal data.
2.3. Personal data subject is an individual who owns personal data and who can be identified from them.
2.4. Personal data processing is any action (operation) or a set of actions (operations) performed using automation means or without using such means with personal data, including collection, recording, systematization, accumulation, storage, clarification (update, change), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction of personal data.
2.5. Automated processing of personal data is processing of personal data using computer equipment.
2.6. Provision of personal data are actions aimed at disclosing personal data to a certain entity or a certain range of entities.
2.7. Blocking of personal data is temporary termination of personal data processing (except for cases when processing is necessary to clarify personal data).
2.8. Destruction of personal data are actions as a result of which it becomes impossible to restore the content of personal data in the personal data information system and/or as a result of which physical carriers of personal data are destroyed.
2.9. Depersonalization of personal data are actions as a result of which it becomes impossible to determine the belonging of personal data to a specific personal data subject without using additional information.
2.10. Personal data information system is a set of personal data contained in databases and information technologies and technical means providing data processing.
2.11. User is a personal data subject who is a visitor to the website https://cs-soft.ru/.
2.12. Cookies - a small piece of data sent by a web server and stored on the user's computer.
3. Purposes of processing, legal grounds, terms of processing, composition of personal data.
3.1. The processing of personal data is limited to the achievement of specific, predetermined and legitimate purposes. Processing of personal data incompatible with the purpose of collecting personal data is not performed.
3.2. The Operator processes the following personal data in order to:
3.2.1. External information exchange (communications, marketing).
| Legal basis for personal data processing | — Consent to the processing of personal data provided by the User of the website by sending User's personal data entered through special forms located on the website https://cs-soft.ru/. |
| Category of personal data subjects | — Website users. |
| Category of processed personal data | — Other. |
| Composition of processed personal data | — Surname, first name; — Phone number; — Email; — Company name; — Other information provided by the User in a special form on the website. |
| Actions with processed personal data | — Collection, recording, systematization, accumulation, storage, clarification (update, change), extraction, use, transfer (provision, access), depersonalization, blocking, deletion, destruction. |
| Personal data processing method | — Using automation tools. |
| Period of personal data processing and storage | — Prior to withdrawal of consent to personal data processing or upon achievement of the purpose of personal data processing or in case of loss of the need to achieve the purpose of personal data processing, further storage in accordance with the terms provided for by the legislation of the Russian Federation. |
| Procedure for destruction of personal data | Personal data are destroyed in the following cases: — The purpose of their processing is achieved; — The User's consent to their processing has expired and there are no other legal grounds for its continuation; — The user has withdrawn his consent to the processing of his personal data; — Personal data are no longer relevant; — Facts of illegal processing of personal data are revealed; — The Operator has ceased operations. |
3.2.2. Organization and management of the Operator's website in the information and telecommunication network.
| Legal basis for personal data processing | — Consent to the processing of personal data by metric programs and services provided by the website User by accepting the conditions specified on the pop-up information banner and (or) performing specific actions - continuing to use the site, and provided that the User has allowed this in the browser settings (saving cookies is enabled and JavaScript technology is used). |
| Category of personal data subjects | — Website users. |
| Category of processed personal data | — Other. |
| Composition of processed personal data | — IP address; — Cookies; — Website User location; — Anonymized data about website visitors collected using Yandex.Metric web analytics services; — Technical information about the device from which the website is accessed; |
— The network address of the user device.
| Actions with processed personal data | — Collection, recording, systematization, accumulation, storage, clarification (update, change), extraction, use, transfer (provision, access), depersonalization, blocking, deletion, destruction. |
| Personal data processing method | — Using automation tools. |
| Period of personal data processing and storage | — Prior to withdrawal of consent to personal data processing or upon achievement of the purpose of personal data processing or in case of loss of the need to achieve the purpose of personal data processing, further storage in accordance with the terms provided for by the legislation of the Russian Federation; — The period of processing of personal data using metric services to analyze the use, measure and increase the level of website performance is determined by the period of use of the website by the User or the moment of deleting cookies by the User, depending on which of the events occurs earlier. |
| Procedure for destruction of personal data | Personal data are destroyed in the following cases: — The purpose of their processing is achieved; — The User's consent to their processing has expired and there are no other legal grounds for its continuation; — The user has withdrawn his consent to the processing of his personal data; — Personal data are no longer relevant; — Facts of illegal processing of personal data are revealed; — The Operator has ceased operations. |
3.3. Processing of personal data of minors is not performed.
4. Procedure and conditions for personal data processing
4.1. Processing of personal data is carried out by the Operator in accordance with the following principles:
— Processing of personal data is carried out on a legal and fair basis;
— Processing of personal data is limited to the achievement of specific, predetermined and legitimate purposes.
— Processing of personal data incompatible with the purpose of collecting personal data is not performed.
— Merging databases containing personal data, processing of which is carried out for purposes incompatible with each other is not carried out;
— Only personal data that meet the purposes of their processing are subject to processing;
— Content and volume of processed personal data correspond to stated purposes of processing;
— The processed personal data are not excessive in relation to the stated purposes of their processing;
— When processing personal data, the accuracy of personal data, their sufficiency, and, if necessary, relevance in relation to the purposes of processing personal data are ensured. The Operator shall take the necessary measures or ensure that they are taken to delete or clarify incomplete or inaccurate personal data;
— Storage of personal data is carried out in a form that allows identifying the User, not longer than it is required for the purpose of processing personal data, if the period of storage of personal data is not established by federal law, a contract, the party of which, the beneficiary or guarantor, according to which the subject of personal data is;
— Personal data processed shall be destroyed upon achievement of processing purposes or in case of loss of the need to achieve these purposes, unless otherwise provided by federal law.
4.2. Processing of personal data is carried out using automation tools.
4.3. The condition for the termination of personal data processing may be the achievement of the purposes of personal data processing, the expiration of the consent or withdrawal of the User's consent to the processing of User's personal data, as well as the identification of illegal processing of personal data.
4.4. In the course of its activities, the Operator ensures the confidentiality of the personal data processed, in particular, does not disclose to third parties and does not distribute personal data without the consent of the User, unless otherwise provided by the current legislation of the Russian Federation.
4.5. The Operator has the right to transfer personal data to third parties with the prior consent of the User, with the exception of cases established by the legislation of the Russian Federation. The list of third parties to whom personal data of personal data subjects are transferred is published on the official website of CS Software LLC in the Internet at the address: https://cs-soft.ru/disclosure/.
4.6. The Operator has the right to transfer personal data to the bodies of inquiry and investigation, to other authorized bodies on the grounds provided for by the current legislation of the Russian Federation.
4.7. To store personal data, the Operator uses exclusively databases located in the Russian Federation.
5. Ensuring the security of personal data.
5.1. When processing personal data, the Operator takes the necessary legal, organizational and technical measures or ensures their adoption to protect personal data from illegal or accidental access to them, destruction, modification, blocking, copying, provision, distribution of personal data, as well as from other illegal actions in relation to personal data in accordance with Article 18, Article 18.1, Article 19 of Federal Law No. 152-FZ.
5.2. Measures to ensure the security of personal data during their processing in personal data information systems are established in accordance with the Operator's local regulations governing the issues of ensuring the security of personal data during their processing in the Operator's personal data information systems.
6. Rights of the User of personal data.
6.1. The user has the right to receive information regarding the processing of his personal data in the manner, form and within the time period established by the legislation of the Russian Federation in the field of personal data, including the right to:
— Access to User's personal data;
— Clarify User's personal data;
— Block and delete User's personal data;
— Appeal against actions or inaction of the Operator;
— Appeal against decisions made on the basis of exclusively automated processing of their personal data;
— Withdraw the consent to the processing of personal data.
6.2. In order to exercise User's rights to receive information regarding the processing of personal data, the User or User's legal representative can write a request to the Operator: 127434, Moscow, Dmitrovskoye Highway. 9a, bldg. 1, specifying information on the User's identity document or the identity document of the User's representative (document type, series and number, by whom and when issued), information confirming the User's participation in relations with the Operator, or information otherwise confirming the fact of processing personal data by the Operator, signature of the User or User's representative. Also, the request can be sent by e-mail: info@c-synergy.ru. In this case, the request must be in the form of an electronic document signed in accordance with the provisions of the legislation of the Russian Federation on electronic signature.
7. Rights and obligations of the personal data Operator.
7.1. The personal data operator has the right to:
— Instruct another party to process personal data with the consent of the User, unless otherwise provided by federal law;
— Processing of personal data without the User's consent if there are grounds specified in Clauses 2-11 of Part 1 of Article 6, Part 2 of Article 10 and Part 2 of Article 11 of Federal Law No. 152-FZ;
— Refusal of the User to perform a repeated request for information regarding the processing of User's personal data that does not meet the conditions provided for in Parts 4 and 5 of Article 14 of Federal Law No. 152-FZ;
— Determination of the composition and list of measures necessary and sufficient to ensure the fulfillment of obligations stipulated by Federal Law No. 152-FZ and regulatory acts adopted in accordance with it, unless otherwise provided by other federal laws.
7.2. The personal data Operator has the right to:
— Provide the User, upon User's request, with information regarding the processing of User's personal data in the manner, form and within the time frame established by Federal Law No. 152-FZ;
— Organize the processing of personal data in the manner prescribed by Federal Law No. 152-FZ;
— Inform the authorized body for the protection of the rights of personal data subjects at the request of this body of the necessary information within 10 working days from the date of receipt of such a request;
— Publish or otherwise provide unrestricted access to the document defining its policy regarding the processing of personal data, to information on the implemented requirements for the protection of personal data;
— Take legal, organizational and technical measures to ensure the protection of personal data from illegal or accidental access to them, destruction, modification, blocking, copying, provision, distribution of personal data, as well as from other illegal actions in relation to personal data;
— Stop the transfer (distribution, transfer, access) of personal data, stop processing and destroy personal data in the manner and cases provided for by Federal Law No. 152 FZ.
8. Final provisions
8.1. The User can receive any clarifications on the issues of interest related to the processing of his personal data by contacting the Operator by e-mail: info@c-synergy.ru, or at the postal address of the Operator: 127434, Moscow, Dmitrovskoye Highway, 9a, bldg. 1.
8.2. The User may at any time withdraw the consent to the processing of personal data by sending an e-mail notification to the Operator's e-mail address: info@c-synergy.ru, or to the Operator's postal address: 127434, Moscow, Dmitrovskoye Highway, 9a, bldg. 1, labeled "Withdrawal of consent to the processing of personal data."
