Privacy Policy on Personal Data Processing
1. General Provisions.
This Personal Data Processing Policy is prepared in accordance with Federal Law No. 152-FZ of July 27, 2006 “On Personal Data” (hereinafter — the Personal Data Law) and defines the procedure for processing personal data and measures to ensure the security of personal data implemented by Sole Proprietor Anastasia Evgenevna Tselueva (hereinafter — the Operator).
1.1. The Operator considers the observance of human and civil rights and freedoms when processing personal data, including the protection of the rights to privacy, personal and family confidentiality, as the most important goal and condition for carrying out its activities.
1.2. This Policy of the Operator regarding the processing of personal data (hereinafter — the Policy) applies to all information that the Operator may receive about visitors to the website https://luxapartmoscow.ru/.
2. Basic Terms Used in the Policy
2.1. Automated processing of personal data — processing of personal data using computing technology.
2.2. Blocking of personal data — temporary termination of processing personal data (except when processing is necessary to clarify personal data).
2.3. Website — a set of graphic and information materials, as well as computer programs and databases ensuring their availability on the internet at https://luxapartmoscow.ru/.
2.4. Information system of personal data — a set of personal data contained in databases and technologies and technical means enabling their processing.
2.5. Anonymization of personal data — actions that make it impossible to identify, without additional information, the belonging of personal data to a specific User or another subject of personal data.
2.6. Personal data processing — any action (operation) or a set of actions performed with or without automation tools, including collection, recording, systematization, accumulation, storage, clarification (updating or modification), retrieval, use, transfer (distribution, provision, access), anonymization, blocking, deletion, destruction of personal data.
2.7. Operator — a state body, municipal body, legal entity, or individual that organizes and/or carries out the processing of personal data independently or jointly with other persons, as well as determines the purposes of processing personal data, the composition of personal data to be processed, and actions (operations) performed with personal data.
2.8. Personal data — any information relating directly or indirectly to a specific or identifiable User of the website https://luxapartmoscow.ru/.
2.9. Personal data made publicly available by the data subject — personal data to which the data subject has provided access to an unlimited number of persons by giving consent under the procedure stipulated by the Personal Data Law (hereinafter — personal data allowed for distribution).
2.10. User — any visitor of the website https://luxapartmoscow.ru/.
2.11. Provision of personal data — actions aimed at disclosing personal data to a specific person or a specific group of persons.
2.12. Distribution of personal data — any actions aimed at disclosing personal data to an indefinite circle of persons (transfer of personal data) or making personal data available to an unlimited number of persons, including publication in the media, posting in information and telecommunication networks, or providing access in any other way.
2.13. Cross-border transfer of personal data — transfer of personal data to the territory of a foreign state, to a foreign government body, foreign individual, or foreign legal entity.
2.14. Destruction of personal data — any actions resulting in the irreversible destruction of personal data, preventing further recovery, as well as destruction of physical media containing personal data.
3. Rights and Obligations of the Operator
3.1. The Operator has the right to:
— receive reliable information and/or documents containing personal data from the data subject;
— continue processing personal data without consent if the data subject withdraws such consent, provided there are grounds stated in the Personal Data Law;
— independently determine the measures necessary and sufficient to ensure compliance with legal obligations, unless otherwise specified by federal laws.
3.2. The Operator is obliged to:
— provide the data subject with information regarding the processing of their personal data upon request;
— organize personal data processing in accordance with current legislation of the Russian Federation;
— respond to inquiries and requests of data subjects or their legal representatives as required by law;
— provide necessary information to the authorized body for the protection of personal data subjects within 10 days upon request;
— publish or otherwise ensure unlimited access to this Personal Data Policy;
— take legal, organizational, and technical measures to protect personal data from unlawful or accidental access, destruction, modification, blocking, copying, provision, distribution, and other unlawful actions;
— stop transferring (distributing) personal data, cease processing, and destroy personal data in accordance with the Personal Data Law;
— fulfill other obligations established by law.
4. Rights and Obligations of Personal Data Subjects
4.1. Personal data subjects have the right to:
— receive information regarding the processing of their personal data, except as provided by federal law. Provided information must not contain personal data of other subjects unless there are legal grounds for disclosure;
— demand clarification, blocking, or destruction of their personal data if it is incomplete, outdated, inaccurate, unlawfully obtained, or unnecessary for the stated purpose;
— require prior consent for personal data processing for marketing purposes;
— withdraw consent for personal data processing or demand termination of processing;
— appeal unlawful actions or inaction of the Operator to the authorized body or court;
— exercise other rights established by law.
4.2. Personal data subjects must:
— provide accurate information about themselves to the Operator;
— inform the Operator about clarification (updating, modifying) of their personal data.
4.3. Persons who provided inaccurate data or disclosed data of another person without consent bear responsibility in accordance with Russian law.
5. Principles of Personal Data Processing
5.1. Processing is carried out lawfully and fairly.
5.2. Processing is limited to specific, predetermined, and legitimate purposes.
5.3. Combining databases with incompatible processing purposes is not allowed.
5.4. Only personal data relevant to processing purposes may be processed.
5.5. The content and scope of processed personal data must comply with the stated purposes.
5.6. The Operator ensures accuracy, sufficiency, and relevance of processed personal data and takes measures to delete or clarify incomplete or inaccurate data.
5.7. Personal data is stored no longer than required for processing purposes unless federal law specifies otherwise. Upon achieving processing goals, data is deleted or anonymized.
6. Purposes of Personal Data Processing
Purpose of processing: conclusion, execution, and termination of civil-law contracts
Personal data processed:
— last name, first name, patronymic
— email address
— phone numbers
Legal grounds:
— contracts between the Operator and the data subject
— Federal Law “On Information, Information Technologies, and Information Protection” No. 149-FZ of July 27, 2006
Types of processing:
— collection, recording, systematization, accumulation, storage, destruction, anonymization
— sending informational emails to the data subject’s email address
7. Conditions for Personal Data Processing
7.1. Processing is performed with the consent of the data subject.
7.2. Processing is necessary to achieve objectives established by law or international treaties.
7.3. Processing is necessary to administer justice or enforce judicial acts.
7.4. Processing is necessary to perform or conclude a contract with the data subject.
7.5. Processing is necessary to protect the legitimate interests of the Operator or third parties, provided this does not violate the rights of the data subject.
7.6. Processing is carried out for publicly available personal data.
7.7. Processing is carried out when personal data must be published or disclosed under federal law.
8. Procedure for Collection, Storage, Transfer, and Other Types of Personal Data Processing
The Operator ensures the security of personal data through legal, organizational, and technical measures required to fully comply with applicable legislation.
8.1. The Operator ensures the safekeeping of personal data and prevents unauthorized access.
8.2. Personal data will never be transferred to third parties except as required by law or with the data subject’s consent to fulfill contractual obligations.
8.3. If inaccuracies are found, the User may update their personal data by emailing the Operator at luxapart@inbox.ru with the subject “Personal Data Update”.
8.4. The duration of processing is determined by the achievement of processing purposes unless otherwise provided by law or contract. Users may withdraw consent at any time by emailing the Operator at luxapart@inbox.ru with the subject “Withdrawal of Consent”.
8.5. Information collected by third-party services (payment systems, communication providers, etc.) is stored and processed by those services according to their User Agreements and Privacy Policies. The Operator is not responsible for the actions of such third parties.
8.6. Restrictions on processing or transferring personal data allowed for distribution do not apply when processing is carried out for state, public, or other public interests.
8.7. The Operator ensures confidentiality of personal data.
8.8. Personal data is stored no longer than required for processing purposes unless otherwise provided by law or contract.
8.9. Processing is terminated upon achieving its goals, expiration of consent, withdrawal of consent, or detection of unlawful processing.
9. List of Actions Performed with Personal Data
9.1. The Operator performs: collection, recording, systematization, accumulation, storage, clarification, retrieval, use, transfer, anonymization, blocking, deletion, destruction.
9.2. Automated processing may occur with or without information transfer through communication networks.
10. Cross-Border Transfer of Personal Data
10.1. Before cross-border transfer, the Operator must notify the authorized body separately from notification of general processing.
10.2. Prior to such notification, the Operator must obtain necessary information from foreign recipients of personal data.
11. Confidentiality of Personal Data
The Operator and any other persons having access to personal data must not disclose or distribute personal data without the data subject’s consent unless required by federal law.
12. Final Provisions
12.1. Users may receive clarifications regarding personal data processing by emailing luxapart@inbox.ru.
12.2. Any changes to this Policy will be reflected in this document. The Policy remains in effect until replaced by a new version.
12.3. The current version is available online at https://luxapartmoscow.ru/privacy.
1. General Provisions.
This Personal Data Processing Policy is prepared in accordance with Federal Law No. 152-FZ of July 27, 2006 “On Personal Data” (hereinafter — the Personal Data Law) and defines the procedure for processing personal data and measures to ensure the security of personal data implemented by Sole Proprietor Anastasia Evgenevna Tselueva (hereinafter — the Operator).
1.1. The Operator considers the observance of human and civil rights and freedoms when processing personal data, including the protection of the rights to privacy, personal and family confidentiality, as the most important goal and condition for carrying out its activities.
1.2. This Policy of the Operator regarding the processing of personal data (hereinafter — the Policy) applies to all information that the Operator may receive about visitors to the website https://luxapartmoscow.ru/.
2. Basic Terms Used in the Policy
2.1. Automated processing of personal data — processing of personal data using computing technology.
2.2. Blocking of personal data — temporary termination of processing personal data (except when processing is necessary to clarify personal data).
2.3. Website — a set of graphic and information materials, as well as computer programs and databases ensuring their availability on the internet at https://luxapartmoscow.ru/.
2.4. Information system of personal data — a set of personal data contained in databases and technologies and technical means enabling their processing.
2.5. Anonymization of personal data — actions that make it impossible to identify, without additional information, the belonging of personal data to a specific User or another subject of personal data.
2.6. Personal data processing — any action (operation) or a set of actions performed with or without automation tools, including collection, recording, systematization, accumulation, storage, clarification (updating or modification), retrieval, use, transfer (distribution, provision, access), anonymization, blocking, deletion, destruction of personal data.
2.7. Operator — a state body, municipal body, legal entity, or individual that organizes and/or carries out the processing of personal data independently or jointly with other persons, as well as determines the purposes of processing personal data, the composition of personal data to be processed, and actions (operations) performed with personal data.
2.8. Personal data — any information relating directly or indirectly to a specific or identifiable User of the website https://luxapartmoscow.ru/.
2.9. Personal data made publicly available by the data subject — personal data to which the data subject has provided access to an unlimited number of persons by giving consent under the procedure stipulated by the Personal Data Law (hereinafter — personal data allowed for distribution).
2.10. User — any visitor of the website https://luxapartmoscow.ru/.
2.11. Provision of personal data — actions aimed at disclosing personal data to a specific person or a specific group of persons.
2.12. Distribution of personal data — any actions aimed at disclosing personal data to an indefinite circle of persons (transfer of personal data) or making personal data available to an unlimited number of persons, including publication in the media, posting in information and telecommunication networks, or providing access in any other way.
2.13. Cross-border transfer of personal data — transfer of personal data to the territory of a foreign state, to a foreign government body, foreign individual, or foreign legal entity.
2.14. Destruction of personal data — any actions resulting in the irreversible destruction of personal data, preventing further recovery, as well as destruction of physical media containing personal data.
3. Rights and Obligations of the Operator
3.1. The Operator has the right to:
— receive reliable information and/or documents containing personal data from the data subject;
— continue processing personal data without consent if the data subject withdraws such consent, provided there are grounds stated in the Personal Data Law;
— independently determine the measures necessary and sufficient to ensure compliance with legal obligations, unless otherwise specified by federal laws.
3.2. The Operator is obliged to:
— provide the data subject with information regarding the processing of their personal data upon request;
— organize personal data processing in accordance with current legislation of the Russian Federation;
— respond to inquiries and requests of data subjects or their legal representatives as required by law;
— provide necessary information to the authorized body for the protection of personal data subjects within 10 days upon request;
— publish or otherwise ensure unlimited access to this Personal Data Policy;
— take legal, organizational, and technical measures to protect personal data from unlawful or accidental access, destruction, modification, blocking, copying, provision, distribution, and other unlawful actions;
— stop transferring (distributing) personal data, cease processing, and destroy personal data in accordance with the Personal Data Law;
— fulfill other obligations established by law.
4. Rights and Obligations of Personal Data Subjects
4.1. Personal data subjects have the right to:
— receive information regarding the processing of their personal data, except as provided by federal law. Provided information must not contain personal data of other subjects unless there are legal grounds for disclosure;
— demand clarification, blocking, or destruction of their personal data if it is incomplete, outdated, inaccurate, unlawfully obtained, or unnecessary for the stated purpose;
— require prior consent for personal data processing for marketing purposes;
— withdraw consent for personal data processing or demand termination of processing;
— appeal unlawful actions or inaction of the Operator to the authorized body or court;
— exercise other rights established by law.
4.2. Personal data subjects must:
— provide accurate information about themselves to the Operator;
— inform the Operator about clarification (updating, modifying) of their personal data.
4.3. Persons who provided inaccurate data or disclosed data of another person without consent bear responsibility in accordance with Russian law.
5. Principles of Personal Data Processing
5.1. Processing is carried out lawfully and fairly.
5.2. Processing is limited to specific, predetermined, and legitimate purposes.
5.3. Combining databases with incompatible processing purposes is not allowed.
5.4. Only personal data relevant to processing purposes may be processed.
5.5. The content and scope of processed personal data must comply with the stated purposes.
5.6. The Operator ensures accuracy, sufficiency, and relevance of processed personal data and takes measures to delete or clarify incomplete or inaccurate data.
5.7. Personal data is stored no longer than required for processing purposes unless federal law specifies otherwise. Upon achieving processing goals, data is deleted or anonymized.
6. Purposes of Personal Data Processing
Purpose of processing: conclusion, execution, and termination of civil-law contracts
Personal data processed:
— last name, first name, patronymic
— email address
— phone numbers
Legal grounds:
— contracts between the Operator and the data subject
— Federal Law “On Information, Information Technologies, and Information Protection” No. 149-FZ of July 27, 2006
Types of processing:
— collection, recording, systematization, accumulation, storage, destruction, anonymization
— sending informational emails to the data subject’s email address
7. Conditions for Personal Data Processing
7.1. Processing is performed with the consent of the data subject.
7.2. Processing is necessary to achieve objectives established by law or international treaties.
7.3. Processing is necessary to administer justice or enforce judicial acts.
7.4. Processing is necessary to perform or conclude a contract with the data subject.
7.5. Processing is necessary to protect the legitimate interests of the Operator or third parties, provided this does not violate the rights of the data subject.
7.6. Processing is carried out for publicly available personal data.
7.7. Processing is carried out when personal data must be published or disclosed under federal law.
8. Procedure for Collection, Storage, Transfer, and Other Types of Personal Data Processing
The Operator ensures the security of personal data through legal, organizational, and technical measures required to fully comply with applicable legislation.
8.1. The Operator ensures the safekeeping of personal data and prevents unauthorized access.
8.2. Personal data will never be transferred to third parties except as required by law or with the data subject’s consent to fulfill contractual obligations.
8.3. If inaccuracies are found, the User may update their personal data by emailing the Operator at luxapart@inbox.ru with the subject “Personal Data Update”.
8.4. The duration of processing is determined by the achievement of processing purposes unless otherwise provided by law or contract. Users may withdraw consent at any time by emailing the Operator at luxapart@inbox.ru with the subject “Withdrawal of Consent”.
8.5. Information collected by third-party services (payment systems, communication providers, etc.) is stored and processed by those services according to their User Agreements and Privacy Policies. The Operator is not responsible for the actions of such third parties.
8.6. Restrictions on processing or transferring personal data allowed for distribution do not apply when processing is carried out for state, public, or other public interests.
8.7. The Operator ensures confidentiality of personal data.
8.8. Personal data is stored no longer than required for processing purposes unless otherwise provided by law or contract.
8.9. Processing is terminated upon achieving its goals, expiration of consent, withdrawal of consent, or detection of unlawful processing.
9. List of Actions Performed with Personal Data
9.1. The Operator performs: collection, recording, systematization, accumulation, storage, clarification, retrieval, use, transfer, anonymization, blocking, deletion, destruction.
9.2. Automated processing may occur with or without information transfer through communication networks.
10. Cross-Border Transfer of Personal Data
10.1. Before cross-border transfer, the Operator must notify the authorized body separately from notification of general processing.
10.2. Prior to such notification, the Operator must obtain necessary information from foreign recipients of personal data.
11. Confidentiality of Personal Data
The Operator and any other persons having access to personal data must not disclose or distribute personal data without the data subject’s consent unless required by federal law.
12. Final Provisions
12.1. Users may receive clarifications regarding personal data processing by emailing luxapart@inbox.ru.
12.2. Any changes to this Policy will be reflected in this document. The Policy remains in effect until replaced by a new version.
12.3. The current version is available online at https://luxapartmoscow.ru/privacy.
