1. General provisions
This personal data processing policy was created in accordance with Federal Law No.152-FZ “On Personal Data” of July 27, 2006 (hereinafter the “Law on Personal Data”). The policy sets out the procedure for processing personal data and the measures for ensuring the security of personal data undertaken by Konstantin Andreev, an individual entrepreneur (hereinafter the “Operator”).
1.1. The Operator regards compliance with human rights and fundamental freedoms when processing personal data, including protection of the right to privacy, personal and family secrecy as the most important objective and precondition of its activities.
1.2. This Operator’s policy relating to the processing of personal data (hereinafter the “Policy”) applies to any information which the Operator may receive about visitors to the https://goldbalance.life/
2. Terms used in the Policy
2.1. Automated processing of personal data means the processing of personal data using computer equipment.
2.2. Blocking of personal data means the temporary cessation of processing of personal data (except in cases where processing is essential to rectify personal data).
2.3. Website means a set of graphic and information materials, and computer programs and databases that ensure the materials are accessible at https://goldbalance.life/
2.4. Personal data information system means a set of personal data contained in the databases, together with the information technologies and technical systems used to process them.
2.5. Anonymization of personal data means actions that make it impossible to determine without additional information that personal data belongs to a specific User or to another personal data subject.
2.6. Processing of personal data means any action (operation), or a set of actions (operations) performed in relation to personal data using automated devices or without them, including collection, recording, systematization, accumulation, storage, rectification (updating, amendment), extraction, use, transfer (dissemination, provision, access) anonymization, blocking, deletion or destruction of personal data.
2.7. Operator means a government body, municipal body, legal or physical entity which independently or jointly with other parties organizes and(or) processes personal data, and defines the purposes of processing personal data, the scope of personal data to be processed, and the actions (operations) to be performed in relation to personal data.
2.8. Personal data means any information relating directly or indirectly to an identified or identifiable User of https://goldbalance.life/
2.9. Personal data permitted for dissemination by a personal data subject means personal data to which the personal data subject has granted access to an unlimited range of persons by granting consent to processing of personal data permitted for dissemination, as stipulated in the Law on Personal Data (hereinafter the “Personal Data Permitted for Dissemination”).
2.10. User means any visitor to https://goldbalance.life/
22.11. Provision of personal data means actions aimed at disclosing personal data to a specific person or to a specific group of persons.
2.12. Dissemination of personal data means any actions aimed at disclosing personal data to an undefined group of persons (transfer of personal data) or at granting access to personal data to an unlimited group of persons, including the publication of personal data in the mass media, placement in data telecommunication networks or provision of access to personal data by any other means.
2.13. Cross-border transfer of personal data means the transfer of personal data to the territory of a foreign state to a government body, a foreign individual or a foreign legal entity.
2.14. Destruction of personal data means any actions making it impossible to restore the content of personal data using the personal data information system and/or resulting in the destruction of physical media on which personal data is stored.
3. Basic rights and obligations of the Operator
3.1. The Operator has the right to:
– receive accurate information and/or documents containing personal data from the personal data subject;
– if a personal data subject withdraws their consent to the processing of personal data, the Operator has the right to continue processing the personal data without the consent of the personal data subject where there are grounds as stipulated in the Law on Personal Data;
– independently define the scope and list of necessary and sufficient measures to ensure compliance with the Law on Personal Data and the regulations adopted in accordance with it, unless otherwise stipulated by the Law on Personal Data or other federal laws.
3.2. The Operator must:
– provide information about the processing of personal data to the personal data subject upon their request;
– organize the processing of personal data under current Russian law;
– reply to queries and requests from personal data subjects and their legal representatives in accordance with the Law on Personal Data;
– submit the necessary information to the authorized body for protection of the rights of personal data subjects, if requested by such body, within 30 days from the date that such request is received;
– publish or otherwise provide unlimited access to this Policy on the processing of personal data;
– take legal, organizational and technical measures to protect personal data against unlawful or accidental access, destruction, alteration, blocking, copying, disclosure and dissemination of personal data, and any other unlawful actions;
– cease the transfer (dissemination, provision, access) of personal data, terminate processing, and destroy personal data in the cases provided by the Law on Personal Data;
– perform other obligations stipulated by the Law on Personal Data.
4. Basic rights and obligations of personal data subjects
4. Personal data subjects have the right to:
– receive information concerning the processing of their personal data, except as stipulated by federal laws. The information must be provided to the personal data subject by the Operator in an accessible form and may not contain personal data relating to other personal data subjects, except where there are legal grounds for disclosing such personal data. The list of information and procedure for receiving it are set out in the Law on Personal Data;
– demand that the Operator update, block or destroy their personal data if the personal data is incomplete, obsolete, inaccurate, unlawfully obtained or is not necessary for the stated objective of the data processing, and also take measures to protect their rights in accordance with current law;
– set a condition of preliminary consent to the processing of personal data for the purposes of promoting goods, works or services on the market;
– withdraw their consent to the processing of personal data;
– file a complaint with an authorized body for protection of the rights of personal data subjects or a court against unlawful actions or omissions by the Operator when processing their personal data;
– exercise other rights stipulated by Russian law.
4.2. Personal data subjects must:
– provide the Operator with accurate data about themselves;
– inform the Operator of rectifications (updates, amendments) to their personal data.
4.3. Parties who have provided the Operator with inaccurate information about themselves or information about another personal data subject without the latter’s consent are liable under RF law.
5. The Operator can process the following personal data of the User
5.1. Full name, delivery address
5.2. Email address
5.3. Phone number
5.4. The website also collects and processes anonymized data on visitors (including cookies) using internet statistics services (Yandex.Metrica, Google Analytics and others).
5.5. The aforementioned data is jointly named “Personal Data” throughout the Policy.
5.6. The Operator will not process special categories of personal data relating to racial and ethnic background, political views, religious or philosophical beliefs and sex life.
6. Principles of processing personal data
6.1. Personal data will be processed lawfully and fairly.
6.2. Processing of personal data is limited to achieving specific, pre-defined and lawful objectives. Processing of personal data that is not compatible with the objectives of the collection of personal data is not permitted.
6.3. Combining databases that contain personal data processed for incompatible purposes is not allowed.
6.4. The Operator can only process personal data that meets the objectives of their processing. 6.5. The content and scope of personal data being processed shall serve the stated objectives of processing. Processing personal data over and above the stated objectives is not permitted.
6.6. When processing personal data, the accuracy of the personal data, its sufficiency and, where necessary, its relevance to the objectives of processing must be ensured. The Operator will take any necessary measures and/or or ensure they are adopted to delete or specify incomplete or inaccurate data.
6.7. Personal data will be stored in a form that permits identification of the personal data subject for no longer than is necessary for the purposes for which the personal data is processed, unless the period of storage of the personal data is established by federal law or by a contract to which the personal data subject is a party, a beneficiary or a guarantor. The personal data being processed will be destroyed or anonymized after the objectives of the processing are achieved or if the need to achieve such objectives disappears, unless otherwise stipulated by federal law.
7. Objectives personal data processing
7.1. Objectives of processing the User’s personal data are as follows:
– selling and delivering Goods
– informing the User by email
– informing the User by phone
– providing the User with access to services, information and/or materials placed on https://goldbalance.life/
7.2. The Operator also has the right to notify the User of new products and services, special offers and various events. The User can unsubscribe from information messages at any time by sending an email to email@example.com with the subject “Unsubscribe from messages on new products, services and special offers” to the Operator.
7.3. The Users’ anonymized data collected using internet statistics services is used to gather information on User behavior on the website and to improve the quality and content of the website.
8. Legal grounds for processing personal data
8.1. The Operator processes personal data based on the following legal grounds:
– federal laws and other regulations in the sphere of personal data protection
– Users’ consent to the processing of their personal data
8.2. The Operator processes the User’s personal data only if it is entered or sent by the User independently using special forms placed on the website https://goldbalance.life/ or sent to the Operator by email. By filling out relevant forms and/or sending their personal data to the Operator, the User agrees with this Policy.
8.4. The personal data subject independently decides on providing their personal data and gives consent of their own free will and volition, and in their own interest.
9. Terms of processing personal data
9.1. Personal data is processed with the consent of the personal data subject to processing of their personal data.
9.2. Processing of personal data is necessary to achieve the objectives stipulated in an international treaty of the Russian Federation or a law, or to exercise functions, powers and duties vested in the Operator by Russian law.
9.3. Processing of personal data is necessary for the execution of justice, enforcement of a judicial act or an act of enforceable public authority or an official in accordance with Russian law on enforcement proceedings.
9.4. Processing of personal data is necessary for performing a contract to which the personal data subject is a party, beneficiary or guarantor, and for performing a contract on the initiative of the personal data subject or a contract under which the personal data subject will be a beneficiary or guarantor.
9.5. Processing of personal data is necessary for exercising the rights and lawful interests of the Operator or third parties, or for achieving socially significant objectives on condition that the rights and freedoms of the personal data subject are not thereby violated.
9.6. The Operator will process personal data to which access has been granted to an unlimited range of persons by the personal data subject or at their request (hereinafter “Generally Accessible Personal Data”).
9.7. The Operator will process personal data subject to publication or mandatory disclosure under federal law.
10. Collection, storage, transfer and other types of processing of personal data
The Operator will ensure the security of personal data processed by implementing legal, organizational and technical measures required to comply in full with current legislation on the protection of personal data.
10.1. The Operator will ensure the safety of personal data and take any necessary measures to protect personal data from unauthorized access.
10.2. The User’s personal data will never under any circumstances be transferred to third parties, except in relation to enforcement of current legislation or where a personal data subject has given consent to the Operator to transfer data to a third party for the performance of obligations under a civil law contract.
10.3. If inaccuracies in the personal data are uncovered, the User can update the data independently by sending an email with the subject “Updating of personal data” to the Operator to firstname.lastname@example.org.
10.4. The personal data processing time is determined by achievement of the objectives for which the personal data were collected, unless otherwise stipulated by a contract or by current law.
The User may withdraw their consent to the processing of personal data at any time by sending an email with the subject “Withdrawal of consent to the processing of personal data” to the Operator to privacy@thismywebsite·com.
10.5. All information collected by third-party services, including payment systems, means of communication and other service providers, is stored and processed by the said parties (Operators) in accordance with their User Agreement and Confidentiality Policy. The personal data subject and/or the User must become familiar with the said documents independently and in a timely manner. The Operator is not liable for the actions of third parties, including the service providers indicated in this clause.
10.6. Bans imposed by the personal data subjеct on the transfer (except provision of access) and the processing or conditions of processing (except receipt of access) of personal data permitted for dissemination, are invalid in cases where personal data is being processed in the public or social interest or for other purposes defined by Russian law.
10.7. The Operator must ensure that personal data remains confidential when processing it.
10.8. The Operator will store personal data in a form that permits identification of the personal data subject for no longer than is necessary for the purposes for which the personal data is processed, unless the period of storage of the personal data is established by federal law or by a contract to which the personal data subject is a party, beneficiary or a guarantor.
10.9. The processing of personal data may be terminated if the objectives of processing of the personal data are achieved, the period of consent of the personal data subject expires, the personal data subject withdraws their consent, or unlawful processing of personal data is discovered.
11. List of actions relating to personal data performed by the Operator
11.1. The Operator collects, records, organizes, accumulates, stores, modifies (updates, amends), extracts uses, transfers (disseminates, provides, accesses), anonymizes, blocks, deletes and destroys personal data.
11.2. The Operator processes personal data automatically, with or without sharing information via communication networks.
12. Cross-border transfer of personal data
12.1. Before the start of a cross-border transfer of personal data, the Operator must
ensure that the foreign state to the territory of which the personal data is to be transferred provides reliable protection of the rights of personal data subjects.
12.2. Cross-border transfers of personal data to the territory of foreign states that do not satisfy the above requirements can take place only the personal data subject gives a written consent to the cross-border transfer of their personal data and/or of execution of a contract to which the personal data subject is a party.
13. Confidentiality of personal data
The Operator and other parties gaining access to personal data may not disclose personal data to third parties or disseminate it without consent of the personal data subject, unless otherwise stipulated by federal law.
14. Final provisions
14.1. The User can obtain any clarifications related to the processing of their personal data by sending an email to the Operator to email@example.com
14.2. This document will reflect any changes to the Operator’s Personal Data Processing Policy. The Policy is valid indefinitely until it is replaced with a new version.
14.3. The current version of the Policy can be found at https://goldbalance.life/policy