Privacy Policy

The provisions concerning the processing of personal data and the protection of personal data in the databases, which is the owner of the seller

Contents

1. General concept and scope.

2. The list of personal data.

3. The purpose of processing personal data.

4. The order processing of personal data, obtaining consent, notification of rights and actions of the personal data subject's personal data.

5. Location of the personal data.

6. disclosure of personal data to third parties.

7. Protection of personal data: how to protect responsible person staff directly involved in processing and / or access to personal data in connection with their official duties, term storage of personal data.

8. The rights of the subject of personal data.

9. How to Work with the subject of personal data requests.

10. The state registration of personal data.

1. General concept and scope.

1.1. Definitions:

database of personal data - referred ordered set of personal data in electronic form and / or in the form of card indexes of personal data;

Officials - defined entity that organizes the work related to the protection of personal data in their treatment, according to the law;

the holder of the personal data - the person or entity to whom the law or with the consent of personal data subject has the right to processing the data, the purpose of approving the processing of personal data in the database, the composition of these sets of data and processing procedures, unless otherwise defined by law;

State Register of personal data - a single state information system for collection, storage and processing of data about registered the personal data;

public sources of personal data - books, address books, registers, lists, directories and other systematic collections of public information containing personal information posted and published with the consent of the subject of personal data.

Not considered public records personal data social networks and online resources, in which the subject of personal data leaving your personal data (unless the subject of personal data is explicitly stated that personal data are for their free distribution and use);

consent of the subject of personal data - any documented, voluntary will of an individual to permit the processing of personal data in accordance with the objectives set out processing;

depersonalization of personal data - extracting information that allow identification of the person;

processing of personal data - any act or set of acts done in whole or in part in information (automated) system and / or the filing of personal data related to the collection, recording, accumulation, storage, adaptation, alteration, restoration, using and distribution (distribution, sale, transfer), depersonalization, destruction of information about an individual;

personal data - data or aggregate data about an individual who is identified or can be specifically identified;

Managing personal database - a natural or legal person to whom the owner of the personal data or legally have the right to process the data.

Do not be the manager of the personal data the person to whom the owner and / or manager of the personal data entrusted to carry out technical work on the basis of personal data without access to the content of personal data;

subject of personal data - an individual in respect of which under the law of its process the personal data;

third person - any person except the subject of personal data, or the holder of a personal database and state authority on personal data protection, which the owner or manager of the personal data is transmitted personal data in accordance with the law;

special categories of data - personal information about racial or ethnic origin, political, religious or ideological beliefs, membership of political parties and trade unions, as well as data concerning health or sex life.

1.2. This provision is mandatory for the responsible person and vendor staff directly involved in processing and / or access to personal data in connection with their official duties.

2. The list of personal data.

2.1. Seller is the owner of these personal databases:

• Personal Data base counterparties.

3. The purpose of processing personal data.

3.1. The purpose of the processing of personal data in the system is data storage and maintenance contractors, in accordance with Articles 6 and 7 of the Law of Ukraine "On Personal Data Protection" :.

3.2. The purpose of processing personal data is to ensure civil relations, providing / receiving and making payments for goods / services under the Tax Code of Ukraine, the Law of Ukraine "On Accounting and Financial Reporting in Ukraine".

4. The order processing of personal data, obtaining consent, notification of rights and actions of the personal data subject's personal data.

4.1. The consent of the subject of personal data must be voluntary will of an individual to permit the processing of personal data in accordance with the objectives set out processing. The consent of the subject of personal data can be provided in the following forms:

• document on paper with the details, which makes it possible to identify the document and the individual;

• electronic document must contain the required details, enabling to identify the document and the individual. Voluntary will of the individual to permit the processing of personal data expedient electronic signature to certify the subject of personal data.

• mark on the web page document or electronic file that is processed in the information system on the basis of documented software and hardware solutions.

4.2. The consent of the subject of personal data provided during the registration of civil relations in accordance with applicable law.

4.3. Post subject of personal data for inclusion of personal data to the personal data, the rights defined by the Law of Ukraine "On Personal Data Protection", the purpose of data collection and those who transferred his personal data carried out at the time of civil relations in accordance with applicable legislation.

4.4. Processing of personal data on racial or ethnic origin, political, religious or ideological beliefs, membership of political parties and trade unions, as well as data concerning health or sex life (special categories of data) is prohibited.

5. Location of the personal data.

5.1. Mentioned in Section 2 of this Regulation the personal data are at seller.

6. disclosure of personal data to third parties.

6.1. The procedure for access to personal data to third parties determined by the consent of the subject of personal data provided by the holder of the personal data for processing such data, or in accordance with law.

6.2. Access to personal data to third parties is not available if the said person refuses to commit to the requirements of the Law of Ukraine "On Personal Data Protection" or unable to provide them.

6.3. An relations connected with personal data, requesting for access (hereinafter - the request) to the personal data holder of the personal data.

6.4. The request shall include:

• surname, name, place of residence (location) and details of the document certifying the individual who submitted the request (for an individual - applicant);

• name, address legal person submitting the request, position, name, name of the person who certifies the request; confirm that the contents of the request meets the powers of a legal entity (for legal entities - the applicant);

• surname, name and other information enabling to identify an individual in respect of whom the request is made;

• For a personal data in relation to which the request is made, or information about the holder or manager of this framework;

• a list of personal data that is requested;

• The purpose of the request.

6.5. Term study on the subject of his inquiry pleasure not exceed ten working days of its receipt.

During this period, the holder of the personal data shall inform the person submitting the request, the request will be satisfied or relevant personal data will not be provided, indicating the reasons specified in the relevant legal act.

Request satisfied within thirty calendar days of its receipt, unless otherwise provided by law.

6.6. All employees of the holder of the personal data are obliged to follow the requirements of confidentiality of personal data and information on the securities accounts and securities.

6.7. Delaying access to personal data to third parties is permitted if the required data can not be provided within thirty calendar days of receipt of the request. The total term issues raised in the request can not exceed forty-five days.

6.8. Notice of postponement communicated to the third party who has filed a request in writing explaining the procedure of appeal.

6.9. The notice of postponement shall specify:

• surname, name and patronymic officer;

• the date of sending the message;

• reason for postponement;

• the period during which the request will be granted.

6.10. Denial of access to personal data is allowed if access to them is prohibited by law.

6.11. The notice of refusal shall include:

• first name, middle name of the official who refuses access;

• the date of sending the message;

• the reason for refusal.

6.12. The decision to delay or denial of access to personal data may be appealed to the authorized state body for the protection of personal data, other state agencies and local governments, whose powers to exercise personal data protection, or the court.

7.1. The holder of personal data and the system is equipped with software and hardware and communication to prevent loss, theft, unauthorized destruction, distortion, imitation, copying information and comply with international and national standards.

7.2. Person organize work related to the protection of personal data in their treatment, according to the law. Person is determined by the order of the holder of the personal data.

Duties of the person responsible for the organization of the work related to the protection of personal data processed when they are specified in the job description.

7.3. Person must:

• Know the law of Ukraine on the protection of personal data;

• Develop procedures for access to personal data of employees according to their professional or official duties or employment;

• ensure compliance by employees of the holder of the personal data legislation of Ukraine on the protection of personal data and internal documents regulating activity of the holder of the personal data processing and protection of personal data in databases of personal data;

• develop a procedure (procedure) internal control over compliance with the legislation of Ukraine in the field of protection of personal data and internal documents regulating activity of the holder of the personal data processing and protection of personal data in databases of personal data, which, in particular, should include provisions on Frequency such control;

• notify the holder of the personal data of employees of violations of legislation of Ukraine on the protection of personal data and internal documents regulating activity of the holder of the personal data processing and protection of personal data in databases of personal data not later than one business day after detection of violations;

• secure storage of documents confirming the provision of personal data subject consent to the processing of their personal data and message specified subject of his rights.

7.4. In order to perform their duties responsible person may:

• obtain the necessary documents, including orders and other administrative documents issued by the holder of the personal data relating to the processing of personal data;

• make copies of received documents, including copies of files of any records stored in local area networks and autonomous computer systems;

• participate in the discussion of the duties performed work related to the protection of personal data in their treatment;

• Contribute to the proposals for improving the operation and improvement of working methods, to submit comments and options eliminate shortcomings in the processing of personal data;

• receive an explanation on the implementation of the processing of personal data;

• sign documents and vise within its competence.

7.5. Employees directly involved in processing and / or access to personal data in connection with their official (employment) duties are required to comply with the legislation of Ukraine on the protection of personal data and internal documents processing and protection of personal data in databases of personal data.