Privacy Policy

nastoiashchaia politika v otnoshenii obrabotki personalnykh dannykh dalee politika podgotovlena v sootvetstvii s p 2 ch 1 st 18 1 federalnogo zakona rossiiskoi federatsii o personalnykh dannykh 152 fz ot 27 iiulia 2006 goda dalee zakon i opredeliaet pozitsiiu ooo platforma inn 5190018355 kpp 519001001 iuridicheskii adres 183025 murmanskaia oblast g murmansk ul kapitana burkova d 11 18 pomeshch 3 i ili ego affilirovannykh lits dalee kompaniia v oblasti obrabotki i zashchity personalnykh dannykh dalee dannye sobliudeniia prav i svobod kazhdogo cheloveka i v osobennosti prava na neprikosnovennost chastnoi zhizni lichnuiu i semeinuiu tainu

This Policy applies to Data obtained both before and after the entry into force of this Policy.

Understanding the importance and value of the Data, as well as taking care of the constitutional rights of citizens of the Russian Federation and citizens of other states, the Company ensures reliable protection of the Data.

Data means any information relating directly or indirectly to a specific or identifiable natural person (citizen), i.e. such information, in particular, includes: surname, name, patronymic, address of registration / sending of correspondence, e-mail, phone number, date or place of birth, location, photograph, link to a personal website or social networks, profession, education, income level, marital status, passport data, ip address.

Data processing means any action (operation) or a set of actions (operations) with Data performed using automation tools and / or without the use of such tools. Such actions (operations) include: collection, recording, systematization, accumulation, storage, clarification (updating, changing), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction of Data.

Data security means the protection of Data from unauthorized and/or unauthorized access to it, destruction, modification, blocking, copying, provision, distribution of Data, as well as from other illegal actions in relation to Data.

The processing and security of Data in the Company is carried out in accordance with the requirements of the Constitution of the Russian Federation, the Law, the Labor Code of the Russian Federation, by-laws, other federal laws of the Russian Federation that determine the cases and features of the processing of Data, guidelines and methodological documents of the FSTEC of Russia and the FSB of Russia.

The subjects of the Data processed by the Company are:

• customers - consumers, incl. visitors to the Site https://en.ica.dog, owned by the Company, including for the purpose of placing an order on the Site https://en.ica.dog with subsequent delivery to the client;
• service recipients;
• members of loyalty bonus programs.

The Company processes the Data Subjects for the following purposes of exercising the functions, powers and obligations assigned to the Company by the legislation of the Russian Federation in accordance with federal laws, including, but not limited to:

• The Civil Code of the Russian Federation;
• The Tax Code of the Russian Federation, the Labor Code of the Russian Federation;
• Family Code of the Russian Federation;
• Federal Law No. 27-FZ of April 1, 1996 “On Individual (Personalized) Accounting in the Compulsory Pension Insurance System”;
• Federal Law No. 152-FZ of July 27, 2006 “On Personal Data”;
• Federal Law No. 53-FZ of March 28, 1998 “On Military Duty and Military Service”;
• Federal Law No. 31-FZ of February 26, 1997 “On mobilization training and mobilization in the Russian Federation”;
• Federal Law No. 14-FZ of February 8, 1998 “On Limited Liability Companies”;
• Federal Law No. 2300-1 of 07.02.1992 “On Protection of Consumer Rights”;
• Federal Law No. 129-FZ of November 21, 1996 “On Accounting”;
• Federal Law No. 326-FZ of November 29, 2010 “On Compulsory Medical Insurance in the Russian Federation”.

Participants of bonus loyalty programs in order to:

• providing information on goods, ongoing promotions, the state of the personal account;
• identification of the participant in the loyalty program; ensuring the procedure for accounting for the accumulation and use of bonuses;
• fulfillment by the Company of obligations under the loyalty program.

Clients - consumers in order to:

• providing information on goods/services, ongoing promotions and special offers;
• analysis of the quality of the service provided by the Company and improvement of the quality of customer service of the Company;
• informing about the status of the order;
• performance of the contract, incl. purchase and sale agreements, incl. concluded remotely on the Site, paid provision of services; provision of services, as well as accounting for services rendered to consumers for mutual settlements;
• delivery of the ordered goods to the client who made an order on the Site, return of the goods.

When processing Data, the Company adheres to the following principles: Data processing is carried out on a legal and fair basis; Data is not disclosed to third parties and is not distributed without the consent of the Data subject, except in cases requiring disclosure of Data at the request of authorized state bodies, legal proceedings; determination of specific legitimate purposes prior to the processing (including collection) of Data; only those Data are collected that are necessary and sufficient for the stated purpose of processing; merging of databases containing Data, the processing of which is carried out for purposes incompatible with each other is not allowed; the processing of the Data is limited to the achievement of specific, predetermined and legitimate purposes; the processed Data is subject to destruction or depersonalization upon achievement of the purposes of processing or in case of loss of the need to achieve these purposes, unless otherwise provided by federal law.

The Company may include the Data of the subjects in public Data sources, while the Company takes the written consent of the subject to the processing of his Data, or by expressing consent through the site form (checkbox), by clicking on which the subject of personal data expresses his consent.

The Company does not process Data relating to race, nationality, political views, religious, philosophical and other beliefs, intimate life, membership in public associations, including trade unions.

Biometric Data (information that characterizes the physiological and biological characteristics of a person, on the basis of which his identity can be established and which is used by the operator to identify the Data subject) is not processed by the Company.

The company carries out cross-border data transfer. The Company confirms that the foreign state to whose territory personal data is transferred provides adequate protection of the rights of personal data subjects in accordance with the level of security determined by the Council of Europe Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data.

In cases established by the legislation of the Russian Federation, the Company has the right to transfer the Data to third parties (the federal tax service, the state pension fund and other state bodies) in cases provided for by the legislation of the Russian Federation.

The transfer of personal data to third parties can be carried out only in cases established by the legislation of the Russian Federation, an agreement with the participation of the User or with his consent. By this Consent, the User confirms his consent to the provision of the User's personal data to the Company to the partners and bodies indicated below, and also consents to the processing by these partners (bodies)in the volumes, methods and for the period specified in this consent, but no more than is required to ensure the processing purposes specified on the website at the Internet address https://en.ica.dog, the performance of certain functions of the Company, namely:

• Timeweb LLC (Address: St. Petersburg, Zastavskaya st., 22, building 2, lit. A, TIN: 7840339881) - for the processing of personal data (last name, first name, patronymic, email address, phone numbers , year, month, date, place of birth) of this Policy, for the following purposes: hosting, in general, information using the site at the Internet address https://en.ica.dog.

Persons processing Data on the basis of an agreement concluded with the Company (instruction of the operator) undertake to comply with the principles and rules for the processing and protection of Data provided for by the Law. For each third party, the contract defines a list of actions (operations) with Data that will be performed by a third party processing Data, the purposes of processing, establishes the obligation of such a person to maintain confidentiality and ensure the security of Data during their processing, specifies the requirements for protecting processed Data in accordance with with the Law.

In order to comply with the requirements of the current legislation of the Russian Federation and its contractual obligations, the processing of Data in the Company is carried out both with and without the use of automation tools. The set of processing operations includes the collection, recording, systematization, accumulation, storage, clarification (updating, changing), extraction, use, transfer (provision, access), depersonalization, blocking, deletion, destruction of Data.

The Company prohibits the adoption, based solely on automated processing of the Data, of decisions that give rise to legal consequences in relation to the Data subject or otherwise affect his rights and legitimate interests, except as otherwise provided by the legislation of the Russian Federation.

The subject whose Data is processed by the Company has the right to:

• receive from the Company:
  • confirmation of the fact of Data processing and information about the availability of Data related to the relevant Data subject;
  • information about the legal grounds and purposes of Data processing; information about the methods of Data processing used by the Company; information about the name and location of the Company;
  • information about persons (excluding employees of the Company) who have access to the Data or to whom the Data may be disclosed on the basis of an agreement with the Company or on the basis of federal law;
  • a list of the processed Data relating to the subject of the Data, and information about the source of their receipt, unless a different procedure for providing such Data is provided for by federal law;
  • information about the terms of Data processing, including the terms of their storage;
  • information on the procedure for exercising by the Data subject of the rights provided for by the Law;
  • name (full name) and address of the person processing the Data on behalf of the Company;
  • other information provided for by the Law or other regulatory legal acts of the Russian Federation;
• require the Company:
  • clarification of their Data, their blocking or destruction if the Data is incomplete, outdated, inaccurate, illegally obtained or not necessary for the stated purpose of processing;
  • withdraw your consent to the processing of Data at any time; demand the elimination of illegal actions of the Company in relation to its Data;
  • appeal against the actions or inaction of the Company to the Federal Service for Supervision of Communications, Information Technology and Mass Communications (Roskomnadzor) or in court if the Data subject believes that the Company is processing his Data in violation of the requirements of the Law or otherwise violates his rights and freedom;
  • to protect their rights and legitimate interests, including damages and / or compensation for moral damage in court.

The Company in the process of processing the Data is obliged to:

• provide the Data subject, at his request, with information regarding the processing of his PD, or legally provide a refusal within thirty days from the date of receipt of the request of the Data subject or his representative;
• explain to the Data subject the legal consequences of refusal to provide the Data, if the provision of the Data is mandatory in accordance with federal law;
• prior to the start of Data processing (if the Data is not received from the Data subject), provide the Data subject with the following information, except as provided for in part 4 of Article 18 of the Law:
  • name or surname, name, patronymic and address of the Company or its representative;
  • the purpose of the Data processing and its legal basis;
  • intended users of the Data;
  • the rights of Data subjects established by the Law;
  • the source of the Data.
• take the necessary legal, organizational and technical measures or ensure their adoption to protect the Data from unauthorized or accidental access to them, destruction, modification, blocking, copying, provision, distribution of the Data, as well as from other illegal actions in relation to the Data;
• publish on the Internet and provide unrestricted access using the Internet to a document defining its policy regarding Data processing, to information about the Data protection requirements being implemented;
• provide the Data subjects and/or their representatives free of charge with the opportunity to familiarize themselves with the Data when making a relevant request within 30 days from the date of receipt of such a request;
• to block illegally processed Data related to the Data subject, or ensure their blocking (if the Data processing is carried out by another person acting on behalf of the Company) from the moment of application or receipt of a request for the verification period, in case of detection of illegal Data processing upon the request of the Data subject or his a representative or, at the request of the Data subject or his representative or an authorized body for the protection of the rights of personal data subjects;
• clarify the Data or ensure its clarification (if the Data is processed by another person acting on behalf of the Company) within 7 working days from the date of submission of the information and remove the blocking of the Data, if the fact of the inaccuracy of the Data is confirmed based on the information provided by the Data subject or his representative;
• stop illegal processing of Data or ensure the termination of illegal processing of Data by a person acting on behalf of the Company, in case of detection of illegal processing of Data carried out by the Company or a person acting on the basis of an agreement with the Company, within a period not exceeding 3 business days from the date of such detection;
• terminate the processing of the Data or ensure its termination (if the Data processing is carried out by another person acting under an agreement with the Company) and destroy the Data or ensure their destruction (if the Data processing is carried out by another person acting under an agreement with the Company) upon achieving the purpose of the Data processing, unless otherwise not provided for by the contract, the party to which, the beneficiary or the guarantor of which is the Data subject, in case the purpose of Data processing is achieved;
• terminate the processing of the Data or ensure its termination and destroy the Data or ensure their destruction in the event that the Data subject withdraws consent to the Data processing, if the Company is not entitled to process the Data without the consent of the Data subject;
• maintain a register of requests from PD subjects, which should record the requests of Data subjects to receive Data, as well as the facts of providing Data in response to these requests.

When processing the Data, the Company takes the necessary legal, organizational and technical measures to protect the Data from illegal and / or unauthorized access to them, destruction, modification, blocking, copying, provision, distribution of the Data, as well as from other illegal actions in relation to the Data.

Such measures in accordance with the Law, in particular, include:

• appointment of a person responsible for organizing the processing of the Data and a person responsible for ensuring the security of the Data;
• development and approval of local acts on the processing and protection of Data;
• application of legal, organizational and technical measures to ensure the security of Data:
  • identification of threats to the security of Data during their processing in information systems of personal data;
  • application of organizational and technical measures to ensure the security of Data during their processing in personal data information systems necessary to meet the requirements for Data protection, the implementation of which ensures the levels of Data security established by the Government of the Russian Federation;
  • the use of information security tools that have passed the conformity assessment procedure in accordance with the established procedure;
  • assessment of the effectiveness of the measures taken to ensure the security of the Data prior to the commissioning of the personal data information system;
  • accounting for machine media of the Data, if the Data is stored on machine media;
  • detection of facts of unauthorized access to the Data and taking measures to prevent such incidents in the future;
  • recovery of Data modified or destroyed due to unauthorized access to them;
  • establishing rules for access to the Data processed in the personal data information system, as well as ensuring the registration and accounting of all actions performed with the Data in the personal data information system.
• control over the measures taken to ensure the security of the Data and the level of security of personal data information systems;
• assessment of the harm that may be caused to the Data subjects in case of violation of the requirements of the Law, the ratio of the specified harm and the measures taken by the Company aimed at ensuring the fulfillment of the obligations provided for by the Law; compliance with the conditions that exclude unauthorized access to material data carriers and ensure the safety of the Data;
• familiarization of the employees of the Company directly involved in the processing of Data with the provisions of the legislation of the Russian Federation on Data, including the requirements for Data protection, local acts on the processing and protection of Data, and training of employees of the Company.

The terms of processing (storage) of Data are determined based on the purposes of Data processing, in accordance with the validity period of the contract with the Data subject, the requirements of federal laws, the requirements of Data operators on behalf of which the Company processes Data, the basic rules for the operation of archives of organizations, the limitation period.

Data whose processing (storage) period has expired must be destroyed, unless otherwise provided by federal law. Storage of Data after the termination of their processing is allowed only after their depersonalization.

Persons whose Data is processed by the Company may obtain clarifications on the processing of their Data by contacting the Company in person or by sending a corresponding written request to the address of the Company's location.

If an official request is sent to the Company, the text of the request must include:

• surname, name, patronymic of the Data subject or his representative;
• number of the main document proving the identity of the Data subject or his representative, information about the date of issue of the specified document and the authority that issued it;
• information confirming that the Data subject has a relationship with the Company;
• information for feedback in order for the Company to send a response to the request;
• signature of the Data subject (or his representative).

If the request is sent electronically, then it must be executed in the form of an electronic document and signed with an electronic signature in accordance with the legislation of the Russian Federation.