1. General ProvisionsThis Personal Data Processing Policy has been prepared in accordance with Federal Law No. 152-FZ dated July 27, 2006 “On Personal Data” (hereinafter — the "Personal Data Law") and defines the procedures for processing personal data and the measures taken by LLC “AdAurum Group” (TIN 7814821190) (hereinafter — the "Operator") to ensure the security of personal data.
1.1. The Operator considers compliance with human and civil rights and freedoms when processing personal data, including the right to privacy, personal and family secrecy, to be a fundamental goal and condition for conducting its activities.
1.2. This Privacy Policy (hereinafter — the "Policy") applies to all information that the Operator may receive about visitors of the website
https://finance.adaurum.ru/.
2. Key Terms Used in this Policy2.1.
Automated processing of personal data — processing of personal data using computing technology.
2.2.
Blocking of personal data — temporary suspension of personal data processing (except where processing is necessary for personal data clarification).
2.3.
Website — a set of graphic and informational materials, as well as computer programs and databases, ensuring their accessibility at the network address
https://finance.adaurum.ru/.
2.4.
Personal data information system — a set of personal data contained in databases and the information technologies and technical tools that ensure their processing.
2.5.
Depersonalization of personal data — actions that result in the impossibility of identifying the data subject without the use of additional information.
2.6.
Processing of personal data — any action (operation) or a set of actions (operations) performed with or without the use of automation tools on personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, modification), extraction, usage, transfer (distribution, provision, access), depersonalization, blocking, deletion, and destruction of personal data.
2.7.
Operator — a government authority, municipal authority, legal entity, or individual who independently or jointly with others organizes and/or performs the processing of personal data, and determines the purposes and content of personal data processing.
2.8.
Personal data — any information relating directly or indirectly to an identified or identifiable user of the website
https://finance.adaurum.ru/.
2.9.
Personal data permitted by the data subject for distribution — personal data to which an unlimited number of persons have access, provided by the data subject through consent in accordance with the Personal Data Law.
2.10.
User — any visitor of the website
https://finance.adaurum.ru/.
2.11.
Provision of personal data — actions aimed at disclosing personal data to a specific person or a certain group of persons.
2.12.
Distribution of personal data — any actions aimed at disclosing personal data to an indefinite number of persons, including publication in mass media, placement in information and telecommunication networks, or provision of access to data by any means.
2.13.
Cross-border transfer of personal data — the transfer of personal data to the territory of a foreign state to a foreign government authority, foreign individual, or foreign legal entity.
2.14.
Destruction of personal data — actions resulting in the irreversible elimination of personal data with the inability to further restore the content in the information system and/or the physical destruction of data carriers.
3. Rights and Obligations of the Operator3.1. The Operator has the right to:
— request accurate information and/or documents from the data subject;
— continue processing personal data without the consent of the data subject in cases provided for by the Personal Data Law;
— independently determine the composition and list of measures necessary for fulfilling obligations under the Personal Data Law and relevant regulatory acts unless otherwise stipulated by federal law.
3.2. The Operator must:
— provide the data subject, upon request, with information regarding the processing of their personal data;
— organize data processing in accordance with Russian law;
— respond to inquiries from data subjects and their legal representatives;
— provide information to the authorized body for the protection of personal data subjects’ rights within 10 days upon request;
— publish or otherwise provide unrestricted access to this Policy;
— implement legal, organizational, and technical measures to protect personal data from unauthorized access, destruction, modification, blocking, copying, dissemination, and other unlawful actions;
— cease dissemination, access, and processing of personal data in cases stipulated by the Personal Data Law;
— fulfill other obligations established by the Personal Data Law.
4. Rights and Obligations of Data Subjects4.1. Data subjects have the right to:
— obtain information regarding the processing of their personal data, except in cases provided by federal law;
— request the Operator to clarify, block, or delete their personal data if the data is incomplete, outdated, inaccurate, unlawfully obtained, or unnecessary for the stated purpose of processing;
— set a condition of prior consent for marketing purposes;
— withdraw consent and request termination of data processing;
— appeal actions or omissions of the Operator to the authorized body or in court;
— exercise other rights granted by Russian law.
4.2. Data subjects are obligated to:
— provide accurate information about themselves;
— notify the Operator about updates or changes to their personal data.
4.3. Persons who provide inaccurate information or data of another subject without consent bear responsibility as per Russian law.
5. Principles of Personal Data Processing5.1. Data processing shall be lawful and fair.
5.2. Processing must be limited to specific, lawful, and predetermined purposes.
5.3. Combining databases containing data for incompatible purposes is prohibited.
5.4. Only data relevant to processing purposes shall be processed.
5.5. The volume and content must correspond to the declared purposes.
5.6. Data must be accurate and up to date; measures shall be taken to correct or delete inaccurate data.
5.7. Data storage must not exceed the period necessary for processing purposes, unless otherwise required by law or contract.
6. Purposes of Personal Data ProcessingPersonal data (surname, first name, patronymic, email, phone numbers) is processed for the execution of agreements concluded between the Operator and the data subject. Types of processing include collection, recording, systematization, accumulation, storage, destruction, depersonalization, email notifications, and transmission to achieve the purposes specified in this Policy.
7. Conditions for Personal Data Processing7.1. Processing is based on the consent of the data subject.
7.2. Processing is necessary for obligations imposed by international treaties or law.
7.3. Processing is necessary for judicial acts or enforcement proceedings.
7.4. Processing is necessary for contract performance involving the data subject.
7.5. Processing is necessary to protect legal interests of the Operator or third parties without violating data subjects’ rights.
7.6. Publicly available personal data may be processed.
7.7. Data processing is carried out in cases where disclosure is required by law.
8. Procedure for Collection, Storage, Transfer, and Other Processing8.1. The Operator ensures the security of personal data through legal, organizational, and technical measures.
8.2. Personal data will not be disclosed to third parties except as required by law or with the data subject’s consent.
8.3. Users may update their personal data by emailing the Operator at
v.ivanova@adaurum.ru with the subject “Updating Personal Data.”
8.4. The duration of processing is limited to the time needed to achieve processing purposes unless otherwise required by contract or law. Consent may be revoked by notifying the Operator via email at the same address with the subject “Withdrawal of Consent.”
8.5. Data collected by third-party services (e.g., payment systems) is processed according to their own privacy policies and agreements.
8.6. Restrictions imposed by the data subject do not apply to processing conducted for public interest under Russian law.
8.7. The Operator ensures the confidentiality of personal data.
8.8. Storage is carried out only as long as needed for processing purposes unless otherwise stipulated by law or contract.
8.9. Processing may cease upon achievement of purpose, expiration of consent, or unlawful processing.
9. List of Actions with Personal Data9.1. The Operator carries out collection, recording, systematization, accumulation, storage, updating, extraction, use, transfer, depersonalization, blocking, deletion, and destruction.
9.2. The Operator may process data automatically, including through telecommunication networks.
10. Cross-Border Transfer of Personal Data10.1. The Operator must notify the authorized body of its intent to transfer personal data abroad.
10.2. Prior to notification, the Operator must obtain information from foreign authorities, individuals, or legal entities about their ability to ensure personal data protection.
11. Confidentiality of Personal DataThe Operator and any other persons with access to personal data are obligated not to disclose or distribute such data without the consent of the data subject, unless otherwise required by law.
12. Final Provisions12.1. Users may contact the Operator at
v.ivanova@adaurum.ru for any questions regarding their personal data.
12.2. Any changes to this Policy will be reflected in this document. The Policy remains valid until it is replaced by a new version.
12.3. The current version of the Policy is publicly available online at
https://finance.adaurum.ru/agreement_en.