Protection of Personal Data

This document defines the Policy of Flynet LLP regarding the processing of personal data and the implementation of requirements for the protection of personal data in accordance with applicable law.

This provision applies to personal data collected using the Internet telecommunications network.

1. Terms and definitions

The following special concepts are used in this policy:

  • Personal data — any information relating to a directly or indirectly identified or identifiable natural person (subject of personal data).

  • Processing of personal data — any action or set of actions performed with personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, modification), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction.

  • Automated processing — processing of personal data using computer technology.

  • Blocking of personal data — temporary suspension of processing (except when processing is necessary to clarify personal data).

  • Depersonalization — actions making it impossible without additional information to determine the belonging of personal data to a specific subject.

  • Provision of personal data — actions aimed at disclosing personal data to a specific person or group of persons.

  • Distribution of personal data — actions aimed at disclosing personal data to an indefinite group of persons.

  • Destruction of personal data — actions making it impossible to restore the content of personal data.

  • Special categories — data relating to racial, national origin, political views, religious beliefs, health status, as well as biometric personal data.

  • Subject of personal data (SPD) — a natural person to whom personal data directly or indirectly relates.

The legal basis for the processing of personal data includes:

  • Federal Law No. 152-FZ “On Personal Data” dated 27.07.2006.
  • Other regulatory legal acts of the Russian Federation.
  • Consent of the subject of personal data to the processing.
  • Contracts between the Company and the subject of personal data.

3. Acceptance of the terms of this provision

By using the Company’s services, the subject accepts the terms of this provision. The subject confirms:

  • Familiarity with this Policy and consent to the processing of personal data.
  • Consent to the transfer of personal data to third parties for the purposes of executing contracts and providing services.
  • The right to withdraw consent by sending a written notice to the Company.

4. Principles of personal data processing

  • Processing is carried out on a legal and fair basis.
  • Processing is limited to achieving specific, predetermined and legitimate purposes.
  • The content and volume of processed data correspond to the stated purposes.
  • Combining databases containing personal data processed for incompatible purposes is not allowed.
  • Only personal data that meets the purposes of processing are subject to processing.
  • Processed data is destroyed or depersonalized upon achieving the processing goals.

5. Place of storage of personal data

Personal data is stored on the territory of the Russian Federation in accordance with the requirements of Federal Law No. 152-FZ.

6. Purposes of personal data processing

Personal data is processed for the following purposes:

  • Concluding and executing contracts with subjects of personal data.
  • Providing access to the Company’s services.
  • Informing subjects about new products, services and promotions.
  • Processing payments and financial transactions.
  • Compliance with the requirements of applicable law.

7. Composition of personal data

7.1. The Company may process the following personal data: surname, name, patronymic, email, telephone, fax, identity document data, residence/place of stay data, payment details, date and place of birth.

For the purpose of assessing SPD in employment, the following may be processed: passport data, personal and biographical data, education and professional development data, specialty or profession data, employment and general experience, insurance certificate of mandatory pension insurance, individual taxpayer number, military registration data, health status data, address of actual residence, home and mobile phone, email address, family composition data, existence of criminal records, position, salary information.

8. Processing of personal data

Personal data is processed in the following ways:

  • Collection, systematization, accumulation, storage, clarification (updating, modification), extraction.
  • Use, transfer (distribution, provision, access).
  • Depersonalization, blocking, deletion, destruction.
  • Mixed processing (with and without automation).

Processing ceases upon achieving the purposes of processing or in case of withdrawal of consent.

9. Confidentiality of personal data

The Company does not disclose personal data to third parties and does not distribute personal data without the consent of the subject, unless otherwise provided by applicable law.

Access to personal data is granted only to authorized employees who need it to perform their duties.

10. Measures to protect personal data

The Company takes the following measures to protect personal data:

  • Appointment of a person responsible for organizing personal data processing.
  • Application of legal, organizational and technical measures to ensure security.
  • Internal control over compliance of processing with Federal Law No. 152-FZ.
  • Assessment of harm that may be caused to subjects in case of violation.
  • Familiarization of employees with legislation and internal regulations.
  • Use of secure communication channels and encryption.
  • Regular audit of information systems.

11. Rights of personal data subjects

Subjects have the right to:

  • Receive information concerning the processing of their personal data.
  • Demand clarification, blocking or destruction of personal data if it is incomplete, outdated, inaccurate or obtained illegally.
  • Withdraw consent to the processing of personal data.
  • Appeal against actions or inaction of the Company.

12. Policy publication

This Policy is published on the Company’s website and is a publicly available document. The Company has the right to unilaterally amend this Policy. The current version is always available on the website.

13. Direction of appeals

Any appeals of SPD shall be sent to the Company’s address:

634055, Russia, Tomsk, Razvitiya prospekt, 3, 161, LLC “Flynet”

Or via email: support@flynet.pro