POLICY

regarding the processing of personal data

1. GENERAL PROVISIONS
1.1. This Policy is carried out by Creativeium (hereinafter referred to as the “Operator”) in relation to the processing and protection of personal data of individuals and legal entities (personal data subjects).

1.2. The Policy applies to all personal data that may be obtained by the Operator in the course of its activities, including personal data of the Operator’s clients. The processing of personal data by the Operator is carried out in accordance with the following regulations:

1.3. The purpose of the Policy is to provide persons providing their personal data with the necessary information that allows them to assess what personal data and for what purposes are processed by the Operator, what methods of ensuring their security are implemented, as well as establishing the basic principles and approaches to processing and ensuring the security of personal data to the Operator.

1.4. The policy ensures the protection of the rights and freedoms of subjects when processing their personal data using automation tools or without the use of such means, and also establishes the responsibility of persons with access to personal data for failure to comply with the requirements governing the processing and protection of personal data.

1.5. Users, using the services and services of the Operator, services and services posted on the Operator’s website creativeium.com (hereinafter referred to as the Website), by informing the Operator of their personal data, including through the mediation of third parties, acknowledge their consent to the processing of personal data in accordance with this Policy. In case of disagreement with this Policy as a whole, as well as in the case of disagreement with any clause of this Policy, the User must refrain from using the Services.

1.6. The Operator receives and begins processing the Subject’s personal data from the moment of receiving his consent. Consent to the processing of personal data may be given by the Personal Data Subject in a form that allows confirmation of the receipt of consent, unless otherwise provided by federal law:

through the Personal Data Subject performing implicit actions (checking a box under the appropriate form for entering personal data) when using services on the Operator’s website, using feedback forms and accepting offers containing provisions on the processing of personal data in accordance with current legislation. If there is no consent of the Personal Data Subject to the processing of his personal data, such processing is not carried out.
1.7. Consent to the processing of personal data may be withdrawn by the subject of personal data. If the subject of personal data withdraws consent to the processing of personal data, the operator has the right to continue processing personal data without the consent of the subject of personal data if there are grounds specified by current legislation.

1.8. This Policy may be changed by the Operator. The Operator has the right at any time, at its sole discretion, to make changes to this Policy, subject to prior notification to the User of this. When changes are made to the current edition, the date of the last update is indicated. The new edition of the Policy comes into force from the moment it is posted on the web server, unless otherwise provided by the new edition of the Policy.

1.9. This Policy applies only to information about the User obtained during the use of the Operator’s Services. The Operator does not control and is not responsible for the processing of information about the User by third party websites, which the User can access via links available on the Operator’s official web server.

1.10. CONCEPTS USED IN THIS POLICY:
personal data – any information relating to a directly or indirectly identified or identifiable individual and legal entity (subject of personal data)
personal data operator (operator) – a state body, municipal body, legal or natural person, independently or jointly with other persons organizing and (or) carrying out the processing of personal data, as well as determining the purposes of processing personal data, the composition of personal data to be processed, actions (operations) performed with personal data;
processing of personal data is any action (operation) or set of actions (operations) with personal data performed with or without the use of automation tools. Processing of personal data includes, but is not limited to: collection; recording; systematization; accumulation; storage; clarification (update, change); extraction; usage; transmission (distribution, provision, access); depersonalization; blocking; deletion; destruction.
automated processing of personal data – processing of personal data using computer technology;
dissemination of personal data – actions aimed at disclosing personal data to an indefinite number of persons;
provision of personal data – actions aimed at disclosing personal data to a certain person or a certain circle of persons;
destruction of personal data – actions as a result of which it becomes impossible to restore the content of personal data in the personal data information system and (or) as a result of which the material media of personal data are destroyed;
personal data information system – a set of personal data contained in databases and information technologies and technical means that ensure their processing;
personal data subject is a natural person directly or indirectly identified or determined on the basis of Personal Data relating to him.
2. CONCEPT AND COMPOSITION OF PERSONAL DATA
2.1. For the purposes of this Policy, personal data means any information relating to a directly or indirectly identified individual and legal entity (subject of personal data).

2.2. Depending on the subject of personal data, the Operator, in order to carry out its activities and fulfill its obligations, may process personal data of the following categories of subjects:

Client data is information necessary for the Operator to fulfill its obligations under the contractual relationship with the Client and to comply with the requirements of the legislation of the Russian Federation. This also includes data provided by potential clients, client representatives authorized to represent clients; managers and chief accountants of legal entities that are clients of the Operator, persons who have entered into civil contracts with the Operator for the provision of the Operator’s services; employees of the Operator’s partners and other legal entities having contractual relations with the Operator, with whom the Operator’s employees interact as part of their activities;
personal data of the Client provided when registering on the Website, as well as when using services, communication forms posted on the Website;
personal data of other individuals who have expressed consent for the Operator to process their personal data or individuals whose personal data processing is necessary for the Operator to achieve its goals.
personal data of individuals and legal entities that they have made publicly available, and their processing does not violate their rights and complies with the requirements established by the Law on Personal Data.
2.3. The Operator hereby brings to the attention of the Personal Data Subjects that, within the framework provided on the Website by the Operator, subject to the consent of the Personal Data Subject to the processing of personal data, expressed by checking the appropriate box under the personal data collection form or clicking on the appropriate button, it can carry out processing of the following personal data: first name, last name, telephone number; email address (E-mail).

3. GROUNDS AND PURPOSE OF PROCESSING PERSONAL DATA
3.1. The Operator processes personal data to carry out its activities, including to provide services to Clients. The operator has the right:

The Operator collects and stores the Client’s personal data necessary for the provision of services, execution of agreements and contracts, and fulfillment of obligations to the Client.
3.2. The operator processes personal data only if at least one of the following conditions exists:

processing of personal data is carried out with the consent of the subject of personal data to the processing of his personal data;
processing of personal data is necessary for the execution of an agreement to which the subject of personal data is a party or beneficiary or guarantor, as well as for concluding an agreement on the initiative of the subject of personal data or an agreement under which the subject of personal data will be a beneficiary or guarantor;
the processing of personal data is necessary to exercise the rights and legitimate interests of the Company or third parties or to achieve socially significant goals, provided that the rights and freedoms of the subject of personal data are not violated;
processing of personal data is carried out, access to an unlimited number of persons is provided by the subject of personal data or at his request;
processing of personal data subject to publication or mandatory disclosure in accordance with federal law is carried out.
3.3. The operator and other persons who have access to personal data are obliged not to disclose to third parties or distribute personal data without the consent of the subject of personal data, unless otherwise provided by federal law.

3.4. The operator may process personal data of personal data subjects for the following purposes:

to identify the subject of personal data;
to communicate with the subject of personal data if necessary, including sending proposals, notifications, information and requests, both related and not related to the provision of services, as well as processing the Client’s statements, requests and applications;
improving the quality of services provided by the Operator.
3.5. The Processing of special categories of Personal Data relating to race, nationality, political views, religious or philosophical beliefs, intimate life is not carried out by the Operator.

4. TERMS FOR PROCESSING PERSONAL DATA
4.1. The terms of processing of personal data are determined based on the purposes of processing in the Operator’s information systems, in accordance with the duration of the contract, agreement with the subject of personal data.

4.2. The condition for terminating the processing of personal data may be the achievement of the goals of processing personal data in accordance with the terms of the agreement concluded between the Operator and the subject of personal data, the expiration of the consent or withdrawal of the consent of the subject of personal data to the processing of his personal data, as well as the identification of unlawful processing of personal data.

5. RANGE OF PERSONS PERMITTED TO PROCESS PERSONAL DATA
5.1. To achieve the goals of Article 3 of this Policy, only those employees of the Operator who are assigned such a duty in accordance with their official (labor) responsibilities are allowed to process personal data. Access to other employees may only be granted in cases provided by law. The operator requires its employees to maintain confidentiality and ensure the security of personal data when processing it.

5.2. The operator has the right to transfer personal data to third parties in the following cases:

The subject of personal data has clearly expressed his consent to such actions;
In this case, all obligations to comply with the terms of this Policy in relation to the data received by him are transferred to the acquirer.

5.3. Upon a reasoned request from the authorized body and in accordance with current legislation, the personal data of the subject without his consent may be transferred to:

in connection with the administration of justice to the judicial authorities;
to the police, federal security service, prosecutor’s office, investigative committee;
to other bodies and the Operator authorized by current legislation and applicable legal norms in cases established in regulatory legal acts binding on the operator.
6. PROCEDURE AND METHODS FOR PROCESSING PERSONAL DATA
6.1. In the process of providing services, when carrying out intra-business activities, the Operator uses automated and non-automated processing of personal data.

6.2. The Operator has the right to entrust the Processing of Personal Data to another person with the consent of the Personal Data Subject, on the basis of an agreement concluded with this person, a mandatory condition of which is compliance by this person with the principles and rules of Processing Personal Data provided for by the Federal Law “On Personal Data”.

6.3. Personal data is not disclosed to third parties or distributed in any other way without the consent of the Personal Data Subject.

6.4. Representatives of government authorities (including regulatory, supervisory, law enforcement and other authorities) receive access to Personal Data processed by the Operator to the extent and in the manner prescribed by law.

6.5. As part of the processing of personal data, the following rights are defined for the Personal Data Subject and the Operator.

6.5.1. The subject of personal data has the right:

receive information regarding the processing of his personal data in the manner, form and time frame established by the Law on Personal Data;
demand clarification of your personal data, their Blocking or Destruction if the personal data is incomplete, outdated, unreliable, illegally obtained, is not necessary for the stated purpose of processing or is used for purposes not previously stated when the Personal Data Subject provided consent to the processing of personal data data;
take measures provided by law to protect your rights;
withdraw your consent to the processing of personal data.
6.5.2. The operator has the right:

process personal data of the Personal Data Subject in accordance with the stated purpose;
require the Personal Data Subject to provide reliable personal data necessary for the execution of the contract, provision of services, identification of the Personal Data Subject, as well as in other cases provided for by the Law on Personal Data; limit the Personal Data Subject’s access to his personal data if the Processing of personal data is carried out in accordance with the legislation on combating the legalization (laundering) of proceeds from crime and the financing of terrorism, the Personal Data Subject’s access to his personal data violates the rights and legitimate interests third parties;
process publicly available personal data of individuals and legal entities;
entrust the processing of personal data to another person with the consent of the Personal Data Subject.
6.6. If it is confirmed that personal data is inaccurate or that its processing is illegal, the personal data must be updated by the operator, and processing must be stopped.

6.7. When the goals of processing personal data are achieved, as well as in the event that the subject of personal data withdraws consent to their processing, personal data is subject to destruction if:

otherwise is not provided for by the agreement to which the subject of personal data is a party, beneficiary or guarantor;
The operator does not have the right to process without the consent of the subject of personal data on the grounds provided for by the Federal Law “On Personal Data” or other federal laws;
otherwise is not provided for in another agreement between the Operator and the subject of personal data.
6.8. The operator is obliged to inform the subject of personal data or his representative information about the processing of personal data of such subject at the request of the latter.

6.9. The operator also has other rights and bears other obligations established by the Federal Law “On Personal Data”.

7. All suggestions or questions regarding this Privacy Policy should be sent to admin@creativeium.com