Order a service
Submit an online application for a consultation to our certification specialist.
Personal Data Processing Policy
1. General Provisions
This Personal Data Processing Policy is prepared in accordance with the requirements of Federal Law No. 152-FZ of July 27, 2006, "On Personal Data" (hereinafter referred to as the "Personal Data Law") and defines the procedure for processing personal data and the measures taken by Certifico LLC(hereinafter referred to as the "Operator") to ensure the security of personal data.
1.1. The Operator considers the highest priority in its activities to be the observance of human and civil rights and freedoms when processing their personal data, including the protection of privacy, personal, and family secrets.
1.2. This Operator’s policy regarding the processing of personal data (hereinafter referred to as the "Policy") applies to all information that the Operator may obtain about visitors to the website https://en.certificogroup.ru.
2. Key Terms Used in the Policy
2.1. Automated Processing of Personal Data – processing of personal data using computer technology.
2.2. Blocking of Personal Data – temporary suspension of personal data processing (except when processing is necessary to clarify personal data).
2.3. Website – a collection of graphical and informational materials, as well as computer programs and databases, ensuring their availability on the Internet at https://en.certificogroup.ru.
2.4. Personal Data Information System – a set of personal data contained in databases and information technologies and technical means enabling their processing.
2.5. Depersonalization of Personal Data – actions resulting in the inability to determine, without additional information, the ownership of personal data by a specific User or other subject of personal data.
2.6. Processing of Personal Data – any action (operation) or set of actions (operations) performed with or without automation tools, including collection, recording, systematization, accumulation, storage, clarification (updating, modification), retrieval, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, or destruction of personal data.
2.7. Operator – a state body, municipal authority, legal entity, or individual that independently or jointly with others organizes and/or processes personal data, as well as determines the purposes, content, and actions (operations) performed with personal data.
2.8. Personal Data – any information directly or indirectly related to an identified or identifiable User of the website https://en.certificogroup.ru.
2.9. Personal Data Authorized for Dissemination – personal data to which an unlimited number of persons have access, granted by the subject of personal data by consenting to processing under the Personal Data Law.
2.10. User – any visitor to the website https://en.certificogroup.ru.
2.11. Provision of Personal Data – actions aimed at disclosing personal data to a specific person or group of persons.
2.12. Dissemination of Personal Data – actions aimed at disclosing personal data to an unlimited number of persons (transfer of personal data) or making personal data available to the public, including publication in media or placement in information and telecommunication networks.
2.13. Cross-Border Transfer of Personal Data – transfer of personal data to a foreign state’s authority, foreign individual, or foreign legal entity.
2.14. Destruction of Personal Data – actions resulting in the irreversible destruction of personal data, making it impossible to restore the content of personal data in the information system and/or destroying physical media containing personal data.
3. Operator’s Key Rights and Obligations
3.1. The Operator has the right to:
4. Rights and Obligations of Personal Data Subjects
4.1. Subjects of personal data have the right to:
5. Principles of Personal Data Processing
Purpose: Informing the User via email.
Personal Data: Name, email, phone numbers.
Legal Basis: Federal Law No. 149-FZ "On Information, Information Technologies, and Data Protection."
Processing Activities: Collection, recording, storage, destruction, and depersonalization.
7. Conditions of Personal Data Processing
Processing is carried out:
Collection, recording, storage, clarification, transfer, depersonalization, blocking, deletion, and destruction.
10. Cross-Border Data Transfer
11. Confidentiality
The Operator and authorized persons must not disclose personal data without consent unless required by law.
12. Final Provisions
This Personal Data Processing Policy is prepared in accordance with the requirements of Federal Law No. 152-FZ of July 27, 2006, "On Personal Data" (hereinafter referred to as the "Personal Data Law") and defines the procedure for processing personal data and the measures taken by Certifico LLC(hereinafter referred to as the "Operator") to ensure the security of personal data.
1.1. The Operator considers the highest priority in its activities to be the observance of human and civil rights and freedoms when processing their personal data, including the protection of privacy, personal, and family secrets.
1.2. This Operator’s policy regarding the processing of personal data (hereinafter referred to as the "Policy") applies to all information that the Operator may obtain about visitors to the website https://en.certificogroup.ru.
2. Key Terms Used in the Policy
2.1. Automated Processing of Personal Data – processing of personal data using computer technology.
2.2. Blocking of Personal Data – temporary suspension of personal data processing (except when processing is necessary to clarify personal data).
2.3. Website – a collection of graphical and informational materials, as well as computer programs and databases, ensuring their availability on the Internet at https://en.certificogroup.ru.
2.4. Personal Data Information System – a set of personal data contained in databases and information technologies and technical means enabling their processing.
2.5. Depersonalization of Personal Data – actions resulting in the inability to determine, without additional information, the ownership of personal data by a specific User or other subject of personal data.
2.6. Processing of Personal Data – any action (operation) or set of actions (operations) performed with or without automation tools, including collection, recording, systematization, accumulation, storage, clarification (updating, modification), retrieval, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, or destruction of personal data.
2.7. Operator – a state body, municipal authority, legal entity, or individual that independently or jointly with others organizes and/or processes personal data, as well as determines the purposes, content, and actions (operations) performed with personal data.
2.8. Personal Data – any information directly or indirectly related to an identified or identifiable User of the website https://en.certificogroup.ru.
2.9. Personal Data Authorized for Dissemination – personal data to which an unlimited number of persons have access, granted by the subject of personal data by consenting to processing under the Personal Data Law.
2.10. User – any visitor to the website https://en.certificogroup.ru.
2.11. Provision of Personal Data – actions aimed at disclosing personal data to a specific person or group of persons.
2.12. Dissemination of Personal Data – actions aimed at disclosing personal data to an unlimited number of persons (transfer of personal data) or making personal data available to the public, including publication in media or placement in information and telecommunication networks.
2.13. Cross-Border Transfer of Personal Data – transfer of personal data to a foreign state’s authority, foreign individual, or foreign legal entity.
2.14. Destruction of Personal Data – actions resulting in the irreversible destruction of personal data, making it impossible to restore the content of personal data in the information system and/or destroying physical media containing personal data.
3. Operator’s Key Rights and Obligations
3.1. The Operator has the right to:
- Obtain accurate information and/or documents containing personal data from the subject of personal data.
- Continue processing personal data without the subject’s consent if grounds are specified in the Personal Data Law.
- Independently determine necessary measures to comply with legal requirements.
- Provide the subject of personal data, upon request, with information regarding the processing of their personal data.
- Process personal data in accordance with Russian legislation.
- Respond to requests from subjects of personal data and their legal representatives.
- Notify the authorized body for personal data protection within 10 days of a request.
- Publish or ensure unrestricted access to this Policy.
- Implement legal, organizational, and technical measures to protect personal data.
- Cease processing and destroy personal data in cases stipulated by law.
4. Rights and Obligations of Personal Data Subjects
4.1. Subjects of personal data have the right to:
- Request information about the processing of their personal data.
- Demand correction, blocking, or destruction of inaccurate or unlawfully obtained data.
- Withdraw consent to processing.
- Appeal unlawful actions of the Operator.
- Provide accurate information about themselves.
- Notify the Operator of any changes to their personal data.
5. Principles of Personal Data Processing
- Lawfulness and fairness.
- Purpose limitation.
- Data minimization.
- Accuracy and relevance.
- Storage limitation.
Purpose: Informing the User via email.
Personal Data: Name, email, phone numbers.
Legal Basis: Federal Law No. 149-FZ "On Information, Information Technologies, and Data Protection."
Processing Activities: Collection, recording, storage, destruction, and depersonalization.
7. Conditions of Personal Data Processing
Processing is carried out:
- With the subject’s consent.
- To comply with legal obligations.
- For contractual performance.
- For legitimate interests (without violating rights).
- The Operator implements security measures to protect data.
- Personal data is not transferred to third parties without consent, except as required by law.
- Users may update or withdraw consent by emailing info@certificogroup.ru.
Collection, recording, storage, clarification, transfer, depersonalization, blocking, deletion, and destruction.
10. Cross-Border Data Transfer
- The Operator must notify authorities before transferring data abroad.
11. Confidentiality
The Operator and authorized persons must not disclose personal data without consent unless required by law.
12. Final Provisions
- Users may contact the Operator at info@certificogroup.ru for clarifications.
- The Policy is effective indefinitely and may be updated.
- The current version is available at https://en.certificogroup.ru/privacy/.
Any questions?
Send an online request for a consultation with our certification expert.
