1. General provisions
1.1. This Privacy Policy has been developed by NIKA ESTATE LLC 51677464660998 (hereinafter, respectively, the Policy and the Operator) to comply with the requirements of paragraph 2 of Part 1 of Article 18.1 of Federal Law No. 152–FZ dated 07/27/2006 "On Personal Data" (hereinafter - the Law on Personal Data) and regulates the issues of processing by the Operator of personal data of Users of the Site.
1.2. The Policy uses concepts in the sense that they are defined in paragraph 1.6 of the Policy. The Policy applies to relations in the field of personal data processing that arose with the Operator both before and after the approval of this Policy.
1.3. The Operator independently or jointly with other persons organizes the processing of personal data, as well as determines the purposes of processing personal data, determines the actions (operations) performed with personal data.
1.4. The Policy applies to all personal data that the Operator receives from Users of the Site.
1.5. In compliance with the requirements of part 2 of Article 18.1 of the Law on Personal Data, this Policy is published in free access on the Internet information and telecommunications network on the Website.
1.6. Basic concepts used in the Policy:
1.6.1. Personal data - any information related directly or indirectly to a specific or identifiable User of the Site;
1.6.2. Website – a set of logically interconnected web pages (web documents) located on the Internet at: nikaestate.ae;
1.6.3. User – any person who has provided information to the Operator using the Site;
1.6.4. Personal data information system - a set of personal data contained in databases and information technologies and technical means that ensure their processing;
1.6.5. Processing of personal data - any action (operation) or a set of actions (operations) with personal data performed using automation tools or without their use. The processing of personal data includes, among other things:
collection;
record;
systematization;
accumulation;
keeping;
clarification (update, change);
extraction;
usage;
transmission (distribution, provision, access);
depersonalization;
blocking;
removal;
destruction.
1.6.6. Automated processing of personal data - processing of personal data using computer technology;
1.6.7. Dissemination of personal data - actions aimed at disclosure of personal data to an indefinite circle of persons;
1.6.8. Provision of personal data - actions aimed at disclosing personal data to a certain person or a certain circle of persons;
1.6.9. Depersonalization of personal data - actions as a result of which it becomes impossible to determine the identity of personal data to a specific personal data subject without using additional information;
1.6.10. Blocking of personal data - temporary termination of the processing of personal data (except in cases where processing is necessary to clarify personal data);
1.6.11. Destruction of personal data - actions as a result of which it becomes impossible to restore the content of personal data in the personal data information system and (or) as a result of which the material carriers of personal data are destroyed;
1.6.12. Cross-border transfer of personal data is the transfer of personal data to the territory of a foreign state to an authority of a foreign state, a foreign individual or a foreign legal entity.
2. Purposes of personal data processing
2.1. The processing of personal data by the Operator is carried out for the following purposes:
2.1.1. Processing User requests in order for the Operator to conclude contracts with Users;
2.1.2. Conclusion and execution by the Operator of contracts with Users;
2.1.3. Providing Users with access to information and materials contained on the Site;
2.1.4. Informing Users about the goods, services, advertising and other activities of the Operator;
2.1.5. Other purposes necessary for the Operator to comply with the legislation on personal data.
3. Categories of personal data processed
3.1. The Operator processes the following personal data of Users:
the data that you collect.
3.2. The operator collects and processes anonymous data about visitors (including cookies) using Internet statistics and advertising (Yandex Metrika, Google Analytics and others).
3.3. The Operator does not process special categories of personal data provided for by the Law on Personal Data.
3.4. The Operator does not process biometric categories of personal data provided for by the Law on Personal Data.
4. The procedure and conditions for processing personal data
4.1. The processing of personal data is carried out by the Operator with the consent of the Users to the processing of their personal data, as well as without it in cases provided for by law. The User's consent to the processing of personal data is considered received by the Operator from the moment the User places a special mark in the appropriate field of the personal data collection form posted on the Website.
4.2. The Operator performs Automated processing of personal data.
4.3. The Operator processes personal data in a form that allows it to identify the subject of personal data, no longer than the purposes of personal data processing require.
4.4. Upon achievement of the purposes of processing personal data, as well as in the case of withdrawal by the User of consent to their processing, personal data shall be destroyed, except in cases provided for by law.
4.5. The Operator implements the following requirements for the protection of personal data:
4.5.1. requirements for the confidentiality of personal data;
4.5.2. requirements for ensuring the exercise by the subject of personal data of his rights, including the right to access information;
4.5.3. requirements for ensuring the accuracy of personal data, and, if necessary, relevance to the purposes of personal data processing (with the adoption (ensuring the adoption) of measures to delete or clarify incomplete or inaccurate data);
4.5.4. requirements for the protection of personal data from unlawful or accidental access to them, destruction, modification, blocking, copying, provision, dissemination of personal data, as well as from other unlawful actions in relation to personal data;
4.5.5. other requirements stipulated by the legislation.
4.6. The Operator shall take the following measures necessary and sufficient to ensure the fulfillment of the obligations provided for by law regarding the processing and protection of personal data:
4.6.1. appointment of a Person responsible for ensuring the security of personal data;
4.6.2. determination of the list of employees allowed to work with personal data;
4.6.3. approval of this Privacy Policy regarding the processing of personal data and ensuring their security;
4.6.4. application of legal, organizational and technical measures to ensure the security of personal data, in particular:
identification of threats to the security of personal data during their processing in the Personal Data Information System;
the application of organizational and technical measures to ensure the security of personal data during their processing in the Personal Data Information System, necessary to meet the requirements for the protection of personal data, the fulfillment of which ensures the levels of personal data protection established by the Government of the Russian Federation;
the application of procedures for assessing the conformity of information security tools that have been carried out in accordance with the established procedure;
establishment of rules for access to personal data processed in the Personal Data Information System;
control over the measures taken to ensure the security of personal data and the level of security of the Personal Data Information System;
4.6.5. implementation of internal control of compliance of personal data processing with the Law on Personal Data and regulatory legal acts adopted in accordance with it, requirements for personal data protection, Operator's policy regarding personal data processing, Operator's local acts;
4.6.6. familiarization of employees directly engaged in the processing of personal data with the provisions of the legislation of the Russian Federation on personal data, including the requirements for the protection of personal data, as well as with this Policy.
4.7. The Operator has the right to transfer the User's personal data to third parties in the following cases:
4.7.1. The User has agreed to such actions;
4.7.2. The transfer is necessary in order for the Operator to fulfill the contract concluded with the User;
4.7.3. The transfer is necessary in order to provide the User with access to certain services of the Site upon his request;
4.7.4. The transfer is provided for by the current legislation;
4.7.5. The transfer of personal data is carried out for statistical or other research purposes, with the exception of the purposes specified in Article 15 of the Law on Personal Data, subject to mandatory depersonalization of personal data.
4.8. When collecting personal data of Users, the Operator ensures the recording, systematization, accumulation, storage, clarification (updating, modification), extraction of personal data of citizens of the Russian Federation using databases located on the territory of the Russian Federation, except for the cases specified in the Law on Personal Data.
5. The procedure for User interaction with the Operator
5.1. Users have the right to request information from the Operator regarding the processing of their personal data. To do this, send a request to the following email address: info@nikaestate.ru . The User's request must contain the information provided for in part 3 of Article 14 of the Law on Personal Data.
5.2. Users have the right to send requests for clarification, updating of personal data, applications for revocation of consent to the processing of personal data to the email address specified in clause 5.1 of the Policy.