The most important condition for the realization of the goals of the
activity of sole proprietor Kalneus Leonid Evgenievhich (hereinafter
individually referred to as the Operator) is to ensure the necessary and
sufficient level of data informational security, which includes personal
data.
The Policy regarding the processing of personal data of the Operator
(hereinafter referred to as the Regolations) determines the procedure for
collecting, storing, transferring and other types of processing of personal
data, as well as information on the current requirements for the protection
of personal data.
This Policy was developed in accordance with the current legislation of the
Russian Federation.
Personal data composition
Information constituting personal data is any information related directly
or indirectly to a determined or determined individual (the subject of
personal data). A detailed list of personal data is recorded in the local
regolatory documentation of the Operator.
All personal data processed by the Operator is confidential, strictly
protected information in accordance with the legislation.
Purposes for personal data processing
Personal data are processed by the Operator:
in order to organize and conduct by the Operator (including those
involving third parties) loyalty programs, marketing and/or promotional
actions, research, surveys, and other activities;
for fulfillment by the Operator of obligations under the service
contract;
for rendering of other services to subjects of personal data; promotion
of services and / or goods of the Operator and / or the Operator's
partners in the market through direct contacts with the Operator's
customers through various means of communication, including but not
limited to telephone, e-mail, mailing, Internet, etc.;
for other purposes, if the actions of the Operator do not contradict the
current legislation.
The Operator processes the following personal data in order to properly
perform its duties: Surname, First name, Patronymic, contact phone number,
e-mail address; and, if necessary, the city and country of residence.
The order of collection, storage, transfer and other types of processing of
personal data
The processing of personal data, carried out without the use of automation,
is carried out in such a way that it is possible to determine the places of
storage of personal data (material carriers) with respect to each category
of personal data.
The Operator establishes a list of persons who process personal data or have
access to them. Separate storage of personal data (material carriers) is
provided, the processing of which is carried out for various purposes.
The Operator ensures the safety of personal data and takes measures to
prevent unauthorized access to personal data.
The processing of personal data with the use of automation equipment is
carried out subject to the following actions:
the Operator carries out technical measures aimed at preventing
unauthorized access to personal data and (or) transferring them to
persons who do not have the right to access such information;
protective tools are set up for the timely detection of unauthorized
access to personal data;
technical means of automated processing of personal data are isolated in
order to prevent exposure to them, as a resolt of which their operation
may be disrupted;
the Operator makes a backup of the data in order to be able to
immediately restore personal data, modified or destroyed due to
unauthorized access to them; carries out constant monitoring of ensuring
the level of protection of personal data.
Information about the personal data protection requirements
The Operator conducts the following activities:
determines threats to the security of personal data during processing,
forms threat models on their basis;
develops, based on the threat model, a personal data protection system
that provides neutralization of the alleged threats using methods of
protecting personal data provided for the relevant class of information
systems;
forms a plan for conducting inspections of the readiness of new means of
protecting information for use with drawing up conclusions on the
possibility of their operation;
carries out installation and commissioning of information protection
means in accordance with operational and technical documentation;
conducts training of persons using information security tools used in
information systems, roles of work with them;
carries out the account of applied means of protection of the
information, the operational and technical documentation to them,
carriers of the personal data;
carries out the account of the persons admitted to work with the
personal data in the information system;
monitors compliance with the terms of use of information protection
tools provided for by operational and technical documentation;
has the right to initiate proceedings and draw up conclusions on the
facts of non-observance of the conditions for storage of personal data
carriers, use of information protection means that may lead to violation
of the confidentiality of personal data or other violations that lead to
a reduction in the level of protection of personal data, development and
adoption of measures to prevent possible dangerous consequences of such
violations;
has a description of the system for protecting personal data.
To develop and implement specific measures to ensure the safety of personal
data when processing them in an information system, the Operator or an
authorized person is responsible for the Operator's information technology
unit. Persons whose access to personal data processed in the information
system is necessary to perform official (labor) duties are allowed to the
relevant personal data on the basis of a list approved by the Operator.
Requests for users of the information system to receive personal data, as
well as the facts of the provision of personal data for these requests, are
recorded by automated means of the information system in the electronic log
of appeals. The content of the electronic log of applications is
periodically checked by the relevant officials (employees) of the Operator
or authorized person. In case of violation of the procedure for the
provision of personal data, the Operator or an authorized person shall
immediately suspend the provision of personal data to users of the
information system until the causes of violations are identified and these
causes are eliminated.
Rights and obligations of the Operator
The Operator of personal data has the right:
to defend own interests in court;
to provide personal data to third parties, if this is provided by the
current legislation (tax, law enforcement agencies, etc.);
to refuse to provide personal data in cases stipolated by law;
to use the personal data of a subject without his/her consent, in cases
stipolated by law.
Rights and obligations of the subject of personal data
The subject of personal data has the right:
to demand the specification of his/her personal data, their blocking or
destruction in the event that personal data are incomplete, outdated,
unreliable, illegally obtained or are not necessary for the stated
purpose of processing, and also take legal measures to protect his/her
rights;
to request a list of his/her personal data processed by the Operator and
the source of their receipt; receive information on the processing of
his/her personal data, including the time of their storage;
to demand the notification of all persons who were previously informed
of his/her incorrect or incomplete personal data about all exceptions,
corrections or additions made in them;
to appeal to the authorized body for the protection of the rights of
subjects of personal data, or in the judicial order, improper acts or
omissions when processing his/her personal data;
to protect his/her rights and legitimate interests, including
compensation for damages and (or) compensation for moral harm in the
courts.
Cookie Policy
This section is a part of the Privacy Policy and describes the use of
cookies on the DevFest Siberia website.
Cookies are used on the Operator's websites to improve the quality of
visitors' interaction with these websites, allowing websites to
"remember" visitors during their first or repeated visits. In some
cases, cookies are used to personalize information on websites based on the
location of visitors and / or their preferences when visiting websites.
The Operator uses cookies that are necessary to move visitors to the website
or work certain basic functions. Cookies are used to improve the
functionality of a website, for example, by storing visitor settings. The
Operator also uses cookies to improve the performance of the websites in
order to improve the quality of visitors' interaction with them.
To avoid ambiguity: The Operator does not use cookies to collect information
that allows visitors to be identified.
The following cookies can be used while visiting Operator's websites:
own cookies are set by the visited website and can be read only by this
website;
third-party cookies are installed by other organizations whose services
are used by the Operator. For example, the Operator uses third-party
analytical services, and the providers of these services install cookies
on behalf of the Operator to inform the Operator which sections on the
Operator's websites are popolar and which are not. Operator websites may
contain materials that are downloaded, for example, from YouTube, and
such third-party websites may install their cookies.
If a visitor does not want to receive cookies, he/she can set his/her
browser to receive notifications every time it tries to send cookies or
reject all cookies. It is also possible to delete existing cookies.
If a visitor wants to limit or block cookies placed on his/her device,
he/she can do this using the browser settings as specified in the Help for
this browser. Instructions on how to do this in the browser of the mobile
device must be found in the manual of this device.
The Operator’s websites may contain links to other websites that are beyond
the control of the Operator and outside the jurisdiction of this Policy.
Operators of these websites can collect information about visitors and use
it in accordance with their policies, which may differ from the Policy of
the Operator.
The Operator reserves the right to change and / or update the Policy at any
time.
Final provisions
This Policy is subject to amendment, addition in the event of the emergence
of new legislation and special regolations for the processing and protection
of personal data.
This Policy is an internal document of the Operator and is to be posted on
the Operator's websites.
Control over the folfillment of the requirements of this Policy is carried
out by the person responsible for ensuring the safety of the personal data
of the Operator.