I. General Provisions
The present Regulation on Data Protection Guidelines (hereinafter referred to as the Guidelines) is an official document of ООО 1BM (TIN 5406775304) (hereinafter referred to as the Company/ Operator) which sets forth the procedure of data processing and protection of natural persons (hereinafter referred to as the Users) who use web services, information, services and products located on the Company’s website on domain name of baumix.ru (hereinafter referred to as the Site).
Observation of confidentiality is important for the Company as the goal of the given Policy is providing of human and citizen’s rights and freedoms during their personal data processing including protection of the right of privacy, right to personal and family privacy as well as from illegal access and public disclosure.
We have developed Data Protection Guidelines which describes the methods of our processing of personal data including any actions (operations) or aggregation of actions (operations) which are made using means of automation or without using such means while processing personal data including its collecting, recording, systematization, accumulation, storage, itemization (updating and changing), extraction, usage, transmission (distribution, providing and access), depersonalization, blockage, deleting and distraction of personal data.
The relations in connection with the personal data and information of the Site users processing are subject to the present Guidelines and other Operator’s official documents provisions as well as of the Russian Law currently in force.
The personal data processing is made on the legal and equitable basis acting in a reasonable manner and in good faith and based on the following principles:
— legality of goals and methods of the personal data processing;
— correspondence of the goals of the personal data processing which have been identified and declared in advance during the personal data collection as well as by the Company’s authority;
— correspondence of the volume and character of the processed personal data, methods of the personal data processing to the goals of the personal data processing.
The present Guidelines regulate any type of the personal data processing and private information (any information allowing to identify a person and any other information in connection with it) about natural persons who are users of the Company’s products or services.
The present Guidelines covers processing of personal and private data collected by any means both active and passive either through the Internet or without it from persons located in any place of the world.
II. Collecting of personal data
The goal of the personal data collecting is the Operator’s obligations to the Users in terms of the Site and its services using fulfillment.
The users’ personal processing shall be made only upon receiving agreement from the subject of the personal data for their personal data processing.
The notion of the personal data means any information directly or indirectly related to a definite or defined natural person (the subject of the personal data) which can be used for identification of a certain person or in connection with him/her.
We can apply to you for your personal date any moment of your connection to the Company. The Company can use such data in accordance with the current Guidelines. It can also combine such information with any other data to provide and to improve their products, services, information content (content) and communication.
Here below we provide with some examples of the personal data types which the Company can collect as well as that of how we can use such information.
TYPES OF THE PERSONAL DATA WE COLLECT
We can collect different data/information including:
— First, last and middle names
— telephone number;
— e-mail address.
The personal data can also include additional information provided by the User upon the Operator’s request in order to let the Operator execute their obligations to the Users arising from the Service Contract. In particular, the Operator has a right to ask the User to provide a copy of his/her identity document or any other document which contains the User’s first, last and middle names, the User’s photo as well as any other additional data which, according to the Operator, are necessary and enough for identification of the User and allow to exclude violation and breach of the third persons’ rights.
When you involve other persons in our events or invite them to communicate with us the Company can collect the personal data of these persons provided by you including the first, last and middle names, e-mail address and the phone number.
We guarantee accuracy and sufficiency of the personal data while processing it and whenever it is required relevancy towards the goals of the personal data processing.
III. Storage and usage of personal data
The Users’ personal data are stored exclusively on electronic media and are processed using automation systems apart from the cases when manual processing of the personal data is required according to the Russian Law requirements.
HOW WE USE YOUR PERSONAL INFORMATION
The collected personal data help us to improve the quality of our services, content and communications. In case you do not wish to be included into our mailing list you can reject the mailing by means of sending us an e-mail to the contact feedback address.
We can use your personal data to send important identifications containing information of changes in our regulations, terms and policies as well as confirming the orders you placed and purchases made. As that information is important for your relationships with the Company you may not reject receiving such e-mails.
We can also use your personal information to fulfill our own goals including making audit, analysis of data and different research data which were conducted in order to improve the Company’s products and services as well as interacting with customers.
COLLECTING AND USAGE OF THE INFORMATION WHICH IS NOT CONSIDERED TO BE PERSONAL
We also collect personal data which is not personal information, the data which does not allow to identify it with any person directly. We can collect, use, transfer and disclose information which is not personal for any goal. Here below are the examples of the information which is not personal we collect and how we can use it.
We can collect personal data such as information of occupation, language, postal index, device unique identifier, location and time zone where a product is used to better understand consumers' behavior and to improve our products, services and communications.
We can also collect personal data/information about consumer’s interests in terms of our website while using our other products and services. Such personal data/information is collected and used to help us to provide more useful information to our customers as well as for understanding of which parts of our site, products and services are of the highest interest. In order to follow the Guidance provisions the aggregate data is considered as the data/information which is not personal.
Should we combine the information which is not personal with that of the personal one, then such aggregate information is considered to be personal as long as that information is combined.
IV. Handing over of personal data
The User’s personal data shall not be handed over to any third person apart from the cases foreseen by the present Guidelines.
The User’s personal data processing shall be made without limitation of time by any legal means including the information systems of the personal data using means of automation or without using such means.
The User agrees to the fact that the Operator has a right to hand over personal data to a third person including courier services, postal companies, telecom carriers, etc. exclusively for the goals stated in Collecting of personal data of the present Guidelines.
In case of User’s mentioning or in case of the User’s agreement the User’s personal data can be handed over to a third person, the Operator’s counteractant in case such counteractant’s undertaking of obligations on providing confidence of the information received and while using applications in particular.
The applications used by the Users on the Site are placed on the Site and are maintained by the third persons (developers) who act independently from the Operator and don’t act on behalf or as designated by the Operator. The Users shall learn the rules of rendering services and the Data Protection Guidelines of such third persons (developers) before the beginning of usage of the corresponding applications.
Upon the request of the state authorized body the User’s personal data can be handed over only based on the grounds and in order stipulated by the Russian Law.
The Operator blocks access to the personal data of the correspondent user from the moment of receiving User’s or their authorized representative or authorized rights of subjects during the audit holding body’s application or request in case of finding out unreliable personal data or illegal actions.
DISCLOSURE OF INFORMATION TO THIRD PARTIES
In some cases the Company has a right to hand over certain personal information and data to their strategic partners which work with the Company to represent products and services or to those of them who help the Company to sell products and services to customers. We provide the third persons with the minimal volume of personal data necessary for rendering the required service.
The personal information will be provided by the Company only when it is required to provide customers with products and services as well as improvement of these products and services and communications connected with them. Such information will not be provided with the third persons to fulfil their marketing goals.
We will ask for your permission for your personal data processing in case of following of any other goal.
PROVIDERS OF SERVICES
The Company provides personal data/information to the companies rendering the following services including information processing, execution of customers’ orders, delivery of goods and other types of services rendering to customers, determination of your interest to our products and services, polls targeted on our customers or their satisfaction by quality of the service study conducting. These companies shall protect your information regardless of the country of their location.
In some cases the Company, in accordance with the law, legal process, in a trial and/or based on public requests or requests sent by the stately authorized bodies on the territory or outside the territory of the country of your stay has to disclose your personal data. We also can disclose your personal data/information in case we determine that such disclosure is necessary or is required due to the grounds of national security, maintaining of public order or in any other publically important cases.
Also, we can disclose your personal data/information in case we find out that such disclosure is necessary for execution of our rules and regulations or in case of protection of both our and our users’ activity. Additionally, in case of realignment, merging or selling we can hand over any part or the whole collected information to the corresponding third party.
V. Elimination of the personal data
The User’s personal data is eliminated in case of:
— the Operator’s deleting of the information placed by the User and stipulated by the Sales Contract (a firm offer);
— the subject of personal data cancelling their agreement on the personal data processing.
IDENTITY FILES (СOOKIES) AND OTHER TECHNOLOGIES
A website, e-mails and any other types of communication on behalf of the Company can use identity files cookies and other technologies including pixel tags and web beacons. Such technologies help us to understand consumer’s behavior better, they inform us in terms of which pages (parts) of our website have been visited and measure effectiveness of advertisement and network hunt. We consider the information gathered with cookies and other technologies as the information of non-natural nature.
In such cases our aim is to provide with more convenient and personal interaction with the Company. For instance, knowing your name can be used in our communications. Having learned that someone, by using your computer or device, purchased a certain product or used a certain service we can provide a better correspondence of advertisement messages and e-mails to your interests. Finally, the entire knowledge helps us to render service of the highest level.
You can switch off cookies in your web browser or mobile devise settings. However, some of the website functions can become unavailable after turning off cookies.
Like in case of the majority of websites we automatically collect some information and store it in log files. Such information includes IP address, browser type and language, information of the Internet provider, reference and exit pages, OS information, date-time stamp and visitors’ data. We will use that information to comprehend and analyze trends, website administration, studying consumer’s behavior on the site and to collect demographic data about our main part of the users. The Company can use that information to follow its marketing goals.
We attach interactive links to the information placed on the Company’s website to some of our e-mails. When users click on these links their requests are registered separately before they enter the required page. We trace such data to help us to identify visitor’s interest to certain topics and to measure efficiency of our communication with our customers. However, in case you prefer not to trace your entrances in that manner you should avoid clicking on text or graphic links in your e-mails.
Pixel tags allow us to redirect e-mails in the readable format and also they inform us whether these e-mails have been read. We can use that information to restrict the number of the e-mails sent to the customers or not sending them at all.
VI. Protection of personal data
The Company takes protection measures including legal, organizational, administrative, technical and physical to protect your personal data in accordance with Clause 19 of Federal Law d.d. 27.07.2006 N 152-ФЗ Personal Data Protection Law in order to protect User’s personal data from illegal or accidental access to it, deletion, changing, blocking, copying, distribution as well as any other illegal actions of third persons.
When you use some of Company’s products, services or applications or place posts on forums, in chats or in social networks the personal data you share can be seen by other users and they can read collect and use them. You bear only personal responsibility for the personal data which you prefer to share in these cases. For instance, whenever you share your name and e-mail in your post on a forum such information is considered to be public then. Please, take precautions while using such functions.
INTEGRALITY AND STORAGE OF PERSONAL DATA
By interacting with the Company you can easily maintain your personal data and information updated. We will store your personal data and information during the time required for the goals fulfillment described in the present Guidelines apart from the cases when a longer period of data and information storage is required in accordance with the Law or is legally allowed.
We do not collect personal data about under age persons. Should we learn about the fact that we have received under-aged personal data, then we will take measure to delete such information in a shortest possible time.
We strongly recommend parents and other persons who bear responsibility for under-aged people (legal representatives including parents, adopters or trustees) to keep their usage of websites under control.
KEEPING YOUR CONFIDENTIALITY ON COMPANY’S LEVEL
In order to be confident in your personal data safety we inform the Company’s personnel in terms of the norms of keeping confidentiality and safety and put a strict control over following of the keeping of the confidentiality measures inside the Company.
Should any questions arise in connection with the Company’s Confidentiality Policy or data processing, then you can contact us through our feedback address.
VII. Users’ applications
The Russian Law currently in force is applicable to the present Confidentiality Policy and the relationships between the User and the Operator.
The Users have a right to send their claims to the Operator including the ones concerning usage of their personal data, cancelling of their agreement of the personal data processing in writing to the address indicated in chapter General Provisions of the present document or in an electronic format signed with a qualified electronic signature in accordance with the requirements of the Russian Law currently in force and sent by means of using the feedback address.
The request sent by the User must correspond to the requirements stipulated by the Rules of Sending Applications to Maintenance and Technical Support Service and contain the following information:
— the number of the User or his representative’s main identification document;
— information of the date of issue of the mentioned above document and the name of the issuing body;
— the information confirming the User’s participation in the relationships with the Operator;
— the User or their representative’s signature;
— e-mail address;
— contact telephone number.
The Operator shall consider the User’s request and send the reply within 30 days from the moment of receiving the request.
The Company shall observe the terms and conditions of Federal Law issued 27.07.2006 N 152-ФЗ Personal Data Protection Law in terms of the rest of the issues which have not been directly covered by the Guidelines.
By providing their personal data and the information the Company’s site visitor agrees with the terms and conditions of the Guidelines.
The Company has a right to make any corrections to the Guidelines at any time at their discretion in order to make further improvements to the system of protection from illegal access to the User’s personal data without the latter’s agreement. A corresponding notification along with the updated version of the Guidelines is placed on the Site whenever we make any significant changes to the Guidelines.
The guidelines do not cover acts and web resources of third parties.