Moscow «30» May 2017
This Personal Data Confidentiality Protection Policy (hereinafter referred to as the Confidentiality Protection Policy) is applicable in respect to all information which the Grasys website at the domain name www.grasys.com may obtain about the User in course of use of the website, software and products of the website.
1. DEFINITIONS FOR TERMS
1.1 The following terms are used in this Confidentiality Protection Policy:
1.1.1. «Website Administration (hereinafter referred to as the Website Administration)» — staff authorized to administer the website, acting on behalf of the JSC «Grasys», who arrange and (0r) carry out processing of personal data and also define the objectives of personal data processing, content of the personal data subject to processing, performing actions (operations) with the personal data.
1.1.2. «Personal data» — any information directly or indirectly related with a physical person (subject of the personal data) identified or being identified.
1.1.3. «Personal data processing» — any action (operation) or an aggregate of actions (operations) carried out through automation aids or without such aids in respect of the personal data, including collection, recording, systematization, compilation, storage, adjustment (updating, amending), retrieval, use, transfer (distribution, presentation, access), anonymising, blocking, deletion and destruction of the personal data.
1.1.4. «Confidentiality of the Personal Data» — a requirement binding for the Operator or other persons who have got access to the personal data to prevent their distribution without the consent of the subject of the personal data or other legitimate reason.
1.1.5. «Website User (hereinafter referred to as the User)» — a person having access to the Website through the Internet and using the Website.
1.1.6. «Cookies» — small pieces of information sent by a web-server and stored in the user’s computer and sent by a Web-Client or a Web browser to the Web server in an HTTP message on every attempt to open a page of the respective website.
1.1.7. «IP-адрес» — a unique IP address of the host in the IP-backbone computer network.
2. GENERAL PROVISIONS
2.1. Use of the website by the User means acceptance of this Confidentiality Protection Policy and the terms and conditions of the User’s personal data processing.
2.2. On non-acceptance of the terms and conditions of the Confidentiality Protection Policy the User shall immediately discontinue using the website.
2.3.This Confidentiality Protection Policy is applicable only to the Website www.grasys.ru. The Website neither controls nor is liable for third parties' websites where the User might go through the links available on the website.
2.4. Website Administration does not check validity of the personal data provided by the Website User.
3. SUBJECT TO THE CONFIDENTIALITY PROTECTION POLICY
3.1. This Confidentiality Protection Policy specifies commitments of the Website Administration on non-disclosure and securing confidentiality protection mode for the personal data which the User provides under the request of the Website Administration while sending a request for equipment, sending a request for training, sending a request for maintenance services, on requesting of a call-back or a feedback.
3.2. The User provides the personal data permitted for processing within the context of this Confidentiality Protection Policy through fill-in of a Registration Form on the Website www.grasys.com in the Sections «Equipment Request «, «Maintenance Service Request «, «Training Request «, «Client Support Callback Request» and comprise the following details:
3.2.1. Family Name, Personal Name and Patronym of the User;
3.2.2. User’s Telephone Contact Number;
3.2.3. Email Address;
3.2.4. Company Name;
3.2.5. Mode of communication with the User;
3.2.6. Products being of interest to the User;
3.2.7. Training Program for the User;
3.2.8. Works requested;
3.2.9. Type of equipment for maintenance services;
3.2.10. Communications channel.
3.3. The Website collects the Data which are automatically communicated during browsing of ad units and visiting pages where statistics script of the system («pixel») is installed:
- IP address;
- Data from cookies;
- Information about the browser (or other software accessing to ads view);
- Access time;
- Address of the page containing the ad unit;
- Referrer (address of the previous page).
3.3.1. Deactivation of cookies might result in inaccessibility of parts of the Website where authorization is required.
3.3.2. The Website collects statistics of IP-addresses of its visitors. This information is used in order to reveal and resolve technical issues.
3.4. Any other personal data which is not conditioned above (clickstream, browsers used, etc.) are subject to safe storage and non-disclosure, save the cases specified in para. 5.2. and
3.5. of this Confidentiality Protection Policy.
4. OBJECTIVES OF USER’S PERSONAL DATA ACQUISITION
4.1. The Website Administration may use the User’s Personal data for the purposes of:
4.1.1. Providing the User with access to personalized resources of the Website.
4.1.2. Establishing feedback with the User, including sending of notifications, requests regarding use of the Services Website, processing of User’s orders and requests.
4.1.3. Localization of the User in order to ensure safety, to prevent fraud.
4.1.4. Validation of accuracy and completeness of the data provided by the User.
4.1.5. Providing the User with efficient clients and technical support when problems arise related to use of the Website.
4.1.6. Providing the User, subject to his/her consent, with updates on products, special offers, information on prices, newsletters and other information on behalf of Website partners.
4.1.7. Carrying out advertising activities subject to User’s consent.
4.1.8. Providing the User with access to websites or services of Website partners in order to obtain products, updates and services.
5. METHODS AND TIMEFRAMES OF PERSONAL DATA PROCESSING
5.1. Processing of User’s personal data is carried out without limitation of time, in any lawful way, including personal data information management systems with application of automation aids or without such aids.
5.2. The User agrees that the Website Administration may transfer the personal data to third parties, including courier services, post offices, telecom carriers, solely for the purposes of execution of the User’s order placed on the Website «www.grasys.com».
5.3. Personal data of the User may be provided to the government authorities of the Russian Federation only on the grounds and according to the procedure established by legislation of the Russian Federation.
5.4. On loss or disclosure of personal data the Website Administration shall notify the User on the loss or disclosure of the personal data.
5.5. The Website Administration takes the necessary organizational measures and technical controls for protection of User’s personal data against unauthorized or accidental access, destruction, amending, blocking, copying, distribution as well as other illegal actions of third parties.
5.6. The Website Administration together with the User takes all necessary measures on prevention of losses or other adverse effects, caused by loss or disclosure of User’s personal data.
6. COMMITMENTS OF THE PARTIES
6.1. The User shall:
6.1.1. Provide information on the personal data required for using the Website.
6.1.2. Update the submitted information on the personal data shall this information be changed.
6.2. The Website Administration shall:
6.2.1. Use the received information solely for the purposes stated in para. 4 of this Confidentiality Protection Policy.
6.2.2. To ensure storage of the confidential information in secrecy, not to disclose without prior written consent of the User, and also not to sell, change, publish nor to disclose submitted personal data of the User in any other possible ways, save para. 5.2. and 5.3. of this Confidentiality Protection Policy.
6.2.3. Take precautions for protection of User’s personal data confidentiality as per the procedure usually applied in order to protect information of such nature in the existing business practices.
6.2.4. To block personal data related to the respective User from the moment of application or request of the User or his/her legal representative or an authorized agency on protection of personal data subjects rights for the period of examination, shall inaccurate personal data or illegal actions be revealed.
7. LIABILITIES OF THE PARTIES
7.1. The Website Administration, which failed to fulfill its commitments shall be held liable for the losses incurred by the User due to wrongful use of the personal data, as per the legislation of the Russian Federation, save the cases provided by para. 5.2., 5.3. and 7.2. of this Confidentiality Protection Policy.
7.2. On loss or disclosure of the Confidential information, the Website Administration shall not be held liable if this confidential information:
7.2.1. Became publicly available prior to its loss or disclosure.
7.2.2. Was received from a third party before it was received by the Website Administration.
7.2.3. Was disclosed by the User’s consent.
8. RESOLUTION OF DISPUTES
8.1. Prior to reference to the court with an action under the controversy arising from relations between the Website User and the Website Administration, submission of claim (a proposal in writing on voluntary settlement of dispute) is mandatory.
8.2 .Recipient of the claim shall, within 30 calendar days from the date of claim receipt, notify the claimant in writing on results of claim review.
8.3. Shall no agreement be achieved, the dispute shall be submitted to the court of justice as per the effective legislation of the Russian Federation.
8.4. Current legislation of the Russian Federation shall be applicable to this Confidentiality Protection Policy and relations between the User and the Website Administration.
9. AUXILIARY CONDITIONS
9.1. The Website Administration may amend this Confidentiality Protection Policy without User’s consent.
9.2. A new Confidentiality Protection Policy shall take effect from the moment when published on the Website, save otherwise provided by a new version of the Confidentiality Protection Policy.
9.3. All proposals or questions regarding this Confidentiality Protection Policy should be addressed to the section «Contact» at the address: email@example.com
9.4. The Confidentiality Protection Policy in force is published on the page at the address www.grasys.com/company/
Updated on «30» May 2017