PERSONAL DATA PROCESSING POLICY
TERMS
1. General Provisions
2. Principles and conditions for processing personal data
2.1. Principles of personal data processing
2.2. Terms of personal data processing
2.3. Entrusting the processing of personal data to another person
2.4. Transfer of personal data
3. Rights of personal data subjects and the Operator
3.1. Consent of the personal data subject to the processing of his personal data
3.2. Rights of the personal data subject and the Operator
4. Ensuring the security of personal data
5. Final Provisions
TERMS
The following terms are used in the Personal Data Processing Policy (hereinafter referred to as the Policy):
“Personal data” (PD) – any information relating to a directly or indirectly identified or identifiable individual (subject of personal data).
“Processing of personal data” means any action (operation) or set of actions (operations) performed with or without the use of automation tools with personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, modification), extraction, use, transfer (provision, access), depersonalization, blocking, deletion, destruction of personal data.
“Confidentiality of personal data” is a mandatory requirement for the Operator or another person who has gained access to personal data to prevent their dissemination without the consent of the subject of the personal data or the presence of another legal basis.
“Website User” – an individual who has access to the Website via the Internet and uses the Website.
“Website” – a website accessible online under the unique domain name https://7universum.com/ru/
“Law” – Federal Law of July 27, 2006 No. 152-FZ “On Personal Data”
1. GENERAL PROVISIONS
1.1. The Policy is a document developed in accordance with the Law and defining the procedure for processing personal data provided by Users of the Site.
1.2. The Policy defines the procedure for processing personal data and measures to ensure the security of personal data of MCNO LLC, INN 7715904374, 123098, Moscow, Marshal Vasilevsky Street, Building 5, Building 1, Apt. 74 (hereinafter referred to as the Operator) in order to protect the rights and freedoms of an individual and citizen when processing his or her personal data, including the protection of the rights to privacy, personal and family secrets.
1.3. All terms and definitions used in the Policy have the same meaning as in the Law.
1.4. Any personal information uploaded by the User to the Website is considered by the Operator "as is" and is not subject to prior verification for accuracy. The User is solely responsible for the accuracy of the information provided on the Website.
1.5. The Policy is a publicly available document of the Operator and provides for the possibility of free review by all third parties.
1.6. When processing personal data, the Operator complies with the confidentiality requirements established by the Law.
1.7. The Operator has the right to carry out both automated and non-automated processing of the information provided by the User.
1.8. In accordance with the requirements of the Law, all personal data of the Site user is stored on a server located in the Russian Federation.
1.9. This Policy applies only to the Website. The Operator does not control and is not responsible for third-party websites/information systems/services that the User may access via links available on the Website.
1.10. The Operator does not process biometric or special categories of Personal Data. The Website is not intended to process the personal data of minors.
2. PRINCIPLES AND CONDITIONS FOR PROCESSING PERSONAL DATA
2.1. Principles of personal data processing
The Operator processes personal data based on the following principles:
- legality and fair basis;
- limiting the processing of personal data to the achievement of specific, predetermined and legitimate purposes;
- preventing the processing of personal data that is incompatible with the purposes of collecting personal data;
- preventing the merging of databases containing personal data, the processing of which is carried out for purposes incompatible with each other;
- processing only those personal data that meet the purposes of their processing;
- compliance of the content and volume of processed personal data with the stated purposes of processing;
- preventing the processing of personal data that is excessive in relation to the stated purposes of their processing;
- ensuring the accuracy, sufficiency and relevance of personal data in relation to the purposes of processing personal data;
- destruction or depersonalization of personal data upon achieving the purposes of their processing or in the event of loss of the need to achieve these purposes, if it is impossible for the Operator to eliminate the violations of personal data committed, unless otherwise provided by federal law.
2.2. The Operator collects and further processes personal data for the following purposes:
Purpose of personal data processing | List and categories of personal data | Method of processing personal data | PD processing period | Legal basis for processing personal data |
Publication of a work (scientific article) on the Website, as well as in printed form in the relevant scientific publication. | PD that are not biometric and do not belong to a special category of PD: last name, first name, patronymic, email address, telephone number, postal address, bank details, education information, place of study, place of work | With and without the use of automation tools | Before fulfilling obligations under the contract or terminating the contract | Agreement |
Providing the User with information related to the fulfillment of the terms of the agreement between the User and the Operator | PD that are not biometric and do not belong to a special category of PD: last name, first name, patronymic, email address, postal address, telephone number | With and without the use of automation tools | Before fulfilling obligations under the contract or terminating the contract | Agreement |
Processing requests and applications from Site Users (feedback, sending notifications) | PD that are not biometric and do not belong to a special category of PD: name, email address, phone number | With and without the use of automation tools | Until consent is revoked | Agreement |
Sending the Operator's offers, informational and advertising messages about the Operator's services | PD that are not biometric and do not belong to a special category of PD: name, email address, postal address, telephone | With and without the use of automation tools | Until consent is revoked | Agreement |
Publishing reviews on the Website | PD that are not biometric and do not belong to a special category of PD: last name, first name, patronymic, information about academic rank and degree; information about place of work and position held, city and country of residence, as well as other information provided by the subject of personal data in the response | Using automation tools | Until consent is revoked | Agreement |
Protection of the Operator's legitimate interests in cases where the Operator's actions/inactions are challenged by third parties | PD that are not biometric and do not belong to a special category of PD: last name, first name, patronymic, email address, telephone number, postal address, bank details, education information, place of study, place of work | With and without the use of automation tools | 3 years from the date of achieving the processing purposes provided for in the Policy | Exercise of rights and legitimate interests of the Operator |
Preparation of analytical and statistical reports for the Operator | PD that are not biometric and do not belong to a special category of PD: cookies, data from the Site's metric programs | With and without the use of automation tools | Until consent is revoked | Agreement |
For the purposes of information support and creation of publicly available sources of PD, including reference books (when publishing works (scientific articles) on the Site, in printed form in a scientific journal. | PD that are not biometric and do not belong to a special category of PD: last name, first name, patronymic; information about academic rank and degree; information about place of work and position held, as well as other information provided by the subject of personal data (in the case of performance of contractual relations between the operator and the subject) | With and without the use of automation tools | Before fulfilling obligations under the contract or terminating the contract | Agreement |
2.3. Entrusting the processing of personal data to another person
The Operator has the right to entrust the processing of personal data to another person with the consent of the personal data subject, unless otherwise provided by law, based on an agreement concluded with that person. The person processing personal data on behalf of the Operator is obligated to comply with the principles and rules for processing personal data stipulated by law.
2.4. Transfer of personal data
2.4.1. The Operator has the right to transfer Personal Data to third parties for the purpose of achieving the relevant data processing goal, in particular, to courier services, postal organizations, telecommunications operators, the Operator's partners for the purpose of fulfilling contractual obligations to the User and the Operator's statutory duties, as well as in cases stipulated by law (for example, to authorized state authorities of the Russian Federation only on the grounds and in the manner established by the legislation of the Russian Federation).
2.4.2 The Operator has the right to transfer the User’s personal data to the following third parties:
Name of the handler | Information about the processor | Purpose of processing |
Scientific Electronic Library LLC | INN/KPP: 7729367112 address: 117246, Moscow, Nauchny proezd, 14A, building 3, townhouse 1 | Posting article metadata on the website https://www.elibrary.ru/ |
2.4.3. In the event of a cross-border transfer of Personal Data, the Operator is obliged to ensure that the foreign state to whose territory the personal data is to be transferred ensures adequate protection of the rights of personal data subjects before such transfer commences.
2.4.4. Cross-border transfer of personal data to the territory of foreign states that do not provide adequate protection of the rights of personal data subjects may be carried out in cases stipulated by the Law
3. RIGHTS OF THE PERSONAL DATA SUBJECT AND THE OPERATOR
3.1. In accordance with the Law, personal data subjects have the following rights when processing personal data
3.1.1. to access personal data;
3.1.2. to clarify personal data;
3.1.3. to block and delete personal data;
3.1.4. to appeal our actions or our inaction;
3.1.5. to appeal decisions taken solely on the basis of automated processing of their personal data;
3.1.6. to revoke consent to the processing of personal data.
3.2. Requests from personal data subjects regarding the processing of their personal data by the Operator are accepted at the addresses specified in this Policy, with identification data attached to the email address mail@7universum.com . Requests will be processed within 10 (ten) business days from the date of the request. This period may be extended by no more than 5 (five) business days upon substantiated notification by the Operator in a reply. Information is provided in the form in which the relevant request was submitted, unless otherwise specified.
3.3. The Operator reserves the right to unilaterally amend this Policy. The new version of the Policy shall take effect upon its posting on the Website, unless otherwise provided in the new version of the Policy. The current Policy is available at https://7universum.com/ru/policy.
4. ENSURING THE SECURITY OF PERSONAL DATA
The security of personal data processed by the Operator is ensured by the implementation of legal, organizational, and technical measures necessary to meet the requirements of federal legislation in the field of personal data protection.
To prevent unauthorized access to personal data, the Operator applies the following organizational and technical measures:
- appointment of officials responsible for organizing the processing and protection of personal data;
- limiting the number of persons who have access to personal data;
- organization of accounting, storage and circulation of information carriers;
- checking the readiness and effectiveness of using information security tools;
- use of antivirus tools and tools for restoring the personal data protection system;
5. FINAL PROVISIONS
Other rights and obligations of the Operator as a personal data operator are determined by the legislation of the Russian Federation in the field of personal data.