POLICY REGARDING THE PROCESSING AND STORAGE OF PERSONAL DATA. INFORMATION ON IMPLEMENTED REQUIREMENTS FOR PERSONAL DATA PROTECTION
This document defines the Policy of CH GOLD MINING LLC (hereinafter - the Company) regarding the processing and storage of personal data, in accordance with the requirements of Art. 18.1 of the Federal Law of July 27, 2006 No. 152-FZ "On Personal Data." website on the Internet at:
https://sngoldmining.ru/hereinafter referred to as the “Site”), which the Company can receive about the User (Applicant) while using the Site, its services, programs and products. data; in case of disagreement with these conditions, the User must refrain from using the services offered by the Site. 1. GENERAL CONDITIONS 1.1. The Company understands and considers one of the highest values the privacy of Users, as well as the need to ensure the confidentiality and security of information received from them, including but not limited to their personal data. This Policy defines the main directions and principles of the Company's activities in processing information received from Users. 1.3. The company is the operator of the received personal data. 1.4. To comply with the purpose of this document, the abbreviations and terms used in it correspond to the following definitions, unless otherwise indicated directly or follows from the meaning of the relevant article of this document: Company - SN GOLD MINING LLC. Processing of personal data - any action (operation) or a combination actions (operations) with personal data performed using automation tools or without using such tools, including collection, recording, systematization, accumulation, storage, clarification (deletion, modification), extraction, use, transfer (provision, distribution, access), depersonalization, blocking, deletion, destruction of personal data. The subject of personal data is an individual, The site collects and stores only those personal data that are necessary to provide services to the User. 2.2. The Site processes the User's personal data for the following purposes: 2.2.1. identification of the User as an Applicant for vacant positions; 2.2.2. conducting a preliminary interview and / or video interview; 2.2.3. sending notifications, requests and information regarding the use of the services and services of the Site, contacting in any other way for the execution of this Agreement, processing requests and requests from the User; 2.2.4. improving the quality of services and services of the Site, ease of use, development of new services of the Site; 2.2.5. sending any information messages to the provided email address and / or phone number; 2.2.6. conducting statistical and other research; 2.2.7. confirmation of the accuracy and completeness of the personal data provided by the User; 2.2.8. notification of the Site User about the update of materials on the Site; 2.2.9. providing the User with effective customer and technical support in the event of problems related to the use of the Site. 3. PRINCIPLES OF PROCESSING CONFIDENTIAL DATA 3.1. In the Company, the processing of personal data on the Site is carried out in compliance with the following principles: - admissibility: all PD must be processed legally, as well as on the basis of good faith, fairness and reasonableness; - Purposefulness (functionality): PD should be obtained only to achieve specific, in advance specific and legitimate purposes specified in clause 2.2 of the Policy. It is not allowed to process PD for purposes incompatible with previously defined and contradicting them; - sufficiency (compliance): the content and volume of the processed PD must correspond to the stated processing objectives. Processing of PDs that are redundant in relation to the stated processing goals is not allowed. Storage of PD after reaching the goal of their processing and / or the loss of the need to achieve previously stated goals is unacceptable; - reliability: when processing PD, accuracy must be ensured, as well as their relevance in relation to the established processing goals; - determinability: storage of PD should be carried out in the form , which allows you to determine the Subject of personal data; - responsibility: when processing PD, the rights of the Subject of personal data must be respected, including the right to receive information regarding the processing of his PD, to the extent stipulated by the current legislation; - security: when processing PD, the necessary legal, organizational and technical measures must be taken to protect PD from unauthorized or accidental access to them, destruction, modification, blocking, copying, provision, distribution of PD, as well as from other illegal actions in relation to them. When collecting personal data using the Site, the Company ensures the recording, systematization, accumulation, storage, clarification (update, change), extraction of personal data using databases located on the territory of the Russian Federation. 3.3. Cross-border transfer of PD on the territory of foreign states that do not provide adequate protection of the rights of Personal Data Subjects is not allowed, except for cases provided for by current legislation. 3.4. In case of modification or destruction of PD due to unauthorized access to them, the Company is obliged to ensure the possibility of their recovery. The company has the right to entrust the processing of PD for the purposes provided for in clause 2.2 of the Policy to a third party that has undertaken to comply with the principles and conditions for processing PD established by this Policy and current legislation. All of the above principles are the priorities of the Company when determining the procedure for processing PD and organizing the work of the Site. 3.7. The subject of personal data (User) has the right: 3.7.1. by sending a request to the Company to withdraw his consent to the processing of PD and / or to receive information regarding the processing of his PD; 3.7.2. require the Company to clarify PD, block them or destroy PD if they are incomplete, outdated, inaccurate, illegally obtained or not necessary for the stated purposes of processing; 3.7.3. protect their rights and legitimate interests, including the right to compensation for losses and / or compensation for moral damage in court; 3.7.4. the subject of personal data has other rights provided for by the current legislation. 3.8. The Site Administration is obliged to: 3.8.1. use the information received solely for the purposes specified in this Policy; 3.8.2. to ensure the storage of the User's personal data in secret, and also not to sell, exchange, publish or distribute the transferred User's personal data in any other possible way, except as provided by the legislation of the Russian Federation and this Policy; 3.8.3. take the necessary and sufficient measures to protect the User's personal data from illegal actions with them in accordance with the requirements established by the legislation of the Russian Federation; 3.8.4. to block personal data related to the relevant User from the moment of contact or request of the User, or his legal representative or an authorized body for the protection of the rights of subjects of personal data for the period of verification in case of unlawfully processed and inaccurate personal data. PROTECTION OF PERSONAL DATA 4.1. In order to exercise proper control over the processing of PD, as well as to ensure the safety and confidentiality of PD, the Company takes the necessary organizational and technical measures, including not limited to the following: protection of PD from unauthorized or accidental access to them, destruction, modification, blocking, copying, provision, distribution of PD, as well as from other illegal actions in relation to PD; appointment of persons responsible for the processing and storage of personal data; detection of unauthorized access to personal data and taking measures to restore personal data modified or destroyed due to unauthorized access to them; establishment of rules for access to personal data processed in the personal data information system, ensuring registration and accounting of all actions performed in the information system with personal data; conducting proceedings and drawing up opinions on the facts of non-compliance with the storage conditions of personal data carriers, use of information protection tools to prevent actions that may lead to a violation of the confidentiality of personal data or other violations that lead to a decrease in the level of protection of personal data, the development and adoption of measures to prevent the possible dangerous consequences of such violations; implementation of internal control and audit over the organization of processing and ensuring the security of personal data. 4.2. The processing of the User's personal data is carried out until the processing goals specified in the Policy are achieved, in case of loss of the need to achieve these goals and / or when the User revokes his consent to the processing of personal data in any legal way, including in personal data information systems using automation tools or without using such means. 4.2.1. In case of refusal to hire, the information provided by the Jobseeker is subject to destruction within 30 days from the date of such a decision, unless the Jobseeker has expressed a desire to continue processing it to select a job in the future with the consent given to the Company to process personal data. When disclosing personal data, the Site Administration informs the User about such an event in an accessible way. The Site Administration together with the User takes all necessary measures to prevent losses or other negative consequences caused by the loss or disclosure of the User's personal data. 5. TERMS OF PROCESSING OF USERS 'PERSONAL DATA AND ITS TRANSFER TO THIRD PARTIES 5.1. With regard to the User's personal data, their confidentiality is maintained, except in cases of voluntary provision by the User of information about himself for general access to an unlimited number of persons. 5.2. The site has the right to transfer the User's personal information to third parties in the following cases: 5.2.1. the user has consented to such actions; 5.2.2. the transfer is necessary for the User to use a certain service or to fulfill a certain agreement or contract with the User; 5.2.3. the transfer is provided for by Russian or other applicable law within the framework of the procedure established by law. 6. RESPONSIBILITY OF THE PARTIES 6.1. The Site Administration, which has not fulfilled its obligations, is liable for losses incurred by the User in connection with the illegal use of personal data, in accordance with the legislation of the Russian Federation. In case of loss or disclosure of confidential information, the Site Administration is not responsible if this confidential information: 6.2.1. became public domain before its loss or disclosure by the Site Administration; 6.2.2. was received from a third party prior to its receipt by the Site Administration from the User; 6.2.3. was distributed with the consent of the User. 6.3. Persons guilty of violating the rules governing the receipt, processing and protection of PD may be brought to financial, disciplinary, administrative, civil or criminal liability in the manner established by the legislation of the Russian Federation. 7. RESOLUTION OF DISPUTES 7.1. Before going to court with a claim for disputes arising from the relationship between the Site User and the Site Administration, it is obligatory to submit a claim (a written proposal for a voluntary settlement of the dispute) .7.2. The recipient of the claim within 14 (fourteen) calendar days from the date of receipt of the claim shall notify the applicant of the claim in writing about the results of the consideration of the claim. 7.3. If an agreement is not reached, the dispute will be referred to the court in accordance with the current legislation of the Russian Federation. The current legislation of the Russian Federation applies to this Policy and the relationship between the User and the Site Administration. 8. ADDITIONAL TERMS 8.1. The Site Administration has the right to make changes to this Policy without the consent of the User. 8.2. The new Policy comes into force from the moment it is posted on the Site, unless otherwise provided by the new edition of the Policy. 8.3.