Personal Data Processing Policy
1. General Provisions
This Personal Data Processing Policy has been prepared in accordance with the requirements of Federal Law No. 152-FZ of July 27, 2006 “On Personal Data” (hereinafter — the Personal Data Law) and defines the procedure for processing personal data and the measures taken to ensure the security of personal data by the International Community of Independent Consultants (hereinafter — the Operator).
1.1. The Operator considers the observance of human and civil rights and freedoms in the processing of personal data, including the protection of the right to privacy, personal and family confidentiality, as the most important goal and condition for carrying out its activities.
1.2. This Policy of the Operator with respect to the processing of personal data (hereinafter — the Policy) applies to all information that the Operator may obtain about visitors of the website https://medputnik.com
2. Basic Terms Used in the Policy
2.1. Automated processing of personal data — processing of personal data using computer technology.
2.2. Blocking of personal data — temporary suspension of personal data processing (except where processing is necessary to clarify personal data).
2.3. Website — a collection of graphical and informational materials, as well as computer programs and databases, ensuring their availability on the Internet at https://medputnik.com
2.4. Information system of personal data — a set of personal data contained in databases and information technologies and technical means ensuring their processing.
2.5. Depersonalization of personal data — actions that make it impossible, without the use of additional information, to determine whether personal data belongs to a specific User or another personal data subject.
2.6. Processing of personal data — any action (operation) or a set of actions (operations) performed with or without the use of automation tools with personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, modification), retrieval, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, and destruction of personal data.
2.7. Operator — a state body, municipal body, legal or natural person, independently or jointly with others organizing and/or performing the processing of personal data, as well as determining the purposes of processing, the composition of personal data to be processed, and the actions performed with personal data.
2.8. Personal data — any information relating directly or indirectly to a specific or identifiable User of the website https://medputnik.com
2.9. Personal data allowed by the subject for dissemination — personal data to which access is granted to an unlimited number of persons by the personal data subject by giving consent to processing in accordance with the Personal Data Law.
2.10. User — any visitor to the website https://medputnik.com
2.11. Provision of personal data — actions aimed at disclosing personal data to a specific person or a defined group of persons.
2.12. Dissemination of personal data — any actions aimed at disclosing personal data to an indefinite number of persons, including publication in mass media, placement in information and telecommunication networks, or providing access by any other means.
2.13. Cross-border transfer of personal data — transfer of personal data to the territory of a foreign state, to the authority of a foreign state, to a foreign individual, or to a foreign legal entity.
2.14. Destruction of personal data — any actions as a result of which personal data is irreversibly destroyed with the impossibility of further recovery, and/or physical media containing personal data are destroyed.
3. Basic Rights and Obligations of the Operator
3.1. The Operator has the right to:
receive accurate information and/or documents containing personal data from the data subject;
continue processing personal data without the consent of the data subject in cases provided by the Personal Data Law if the subject withdraws consent or submits a request to cease processing;
independently determine the composition and list of measures necessary and sufficient to ensure compliance with the obligations established by the Personal Data Law, unless otherwise provided by law.
3.2. The Operator is obliged to:
provide the data subject, upon request, with information regarding the processing of their personal data;
organize personal data processing in accordance with current Russian legislation;
respond to requests from data subjects and their legal representatives as required by law;
provide the authorized body for the protection of personal data subjects’ rights, upon request, with necessary information within 10 days of receiving such request;
publish or otherwise ensure unrestricted access to this Policy;
take legal, organizational, and technical measures to protect personal data from unauthorized or accidental access, destruction, alteration, blocking, copying, provision, distribution, and other unlawful actions;
stop transfer, processing, and destroy personal data in cases provided by law;
fulfill other obligations as provided by the Personal Data Law.
4. Basic Rights and Obligations of Personal Data Subjects
4.1. Data subjects have the right to:
receive information regarding the processing of their personal data, except as provided by law;
demand clarification, blocking, or destruction of their personal data if it is incomplete, outdated, inaccurate, unlawfully obtained, or unnecessary for the stated purpose of processing;
set a condition of prior consent for the processing of personal data for marketing purposes;
withdraw consent to processing and submit a request to terminate processing;
appeal unlawful actions or inaction of the Operator in court or to the authorized body;
exercise other rights provided by Russian law.
4.2. Data subjects are obliged to:
provide accurate personal data about themselves to the Operator;
notify the Operator of clarifications or changes to their personal data.
4.3. Persons who provided the Operator with inaccurate information or with information about another subject without that subject’s consent bear liability under Russian law.
5. Principles of Personal Data Processing
5.1. Processing is carried out on a lawful and fair basis.
5.2. Processing is limited to achieving specific, predetermined, and legitimate purposes. Processing incompatible with the purposes of data collection is not permitted.
5.3. Combining databases containing personal data that are processed for incompatible purposes is not permitted.
5.4. Only personal data relevant to the purposes of processing may be processed.
5.5. The content and volume of processed personal data must correspond to the declared purposes; excessive processing is not permitted.
5.6. Personal data must be accurate, sufficient, and, where necessary, kept up-to-date. The Operator takes necessary measures to remove or clarify incomplete or inaccurate data.
5.7. Personal data must be stored in a form that allows identifying the subject no longer than required by the purposes of processing, unless otherwise required by law or contract. After achieving the purposes, data must be destroyed or anonymized.
6. Purposes of Personal Data Processing
Purpose: Informing the User via email correspondence.
Personal data:
Last name, first name, patronymic
Email address
Phone numbers
Personal information regarding the health of the User or any other person concerned
Legal basis: Contracts concluded between the Operator and the personal data subject.
Types of processing:
Collection, recording, systematization, accumulation, storage, destruction, and anonymization of personal data
Sending informational emails to the User’s email address
7. Conditions of Personal Data Processing
7.1. Processing of personal data is carried out with the consent of the subject of personal data.
7.2. Processing is necessary to achieve purposes established by international treaties or laws of the Russian Federation, or for the performance of functions, powers, and duties imposed on the Operator by law.
7.3. Processing is necessary for the administration of justice, enforcement of judicial acts, or acts of other authorities in accordance with Russian law.
7.4. Processing is necessary for the performance of a contract to which the subject is a party, beneficiary, or guarantor, or for entering into a contract at the initiative of the subject.
7.5. Processing is necessary for the exercise of rights and legitimate interests of the Operator or third parties, or for achieving socially significant goals, provided that this does not violate the rights and freedoms of the subject.
7.6. Processing is carried out with respect to personal data made publicly available by the subject or at the subject’s request.
7.7. Processing is carried out when required by law for publication or disclosure.
8. Procedure for Collection, Storage, Transfer, and Other Processing
The Operator ensures the security of personal data through legal, organizational, and technical measures required to fully comply with applicable legislation.
8.1. The Operator ensures the safety of personal data and prevents unauthorized access.
8.2. Personal data of the User will never be transferred to third parties except as required by law or with the consent of the User for fulfilling obligations under a civil law contract.
8.3. If inaccuracies are identified, the User may update their data by sending an email to medputnik@gmail.com
with the subject line “Updating personal data.”
8.4. The period of processing is determined by the purposes for which the data was collected unless otherwise established by contract or law. The User may withdraw consent at any time by emailing medputnik@gmail.com
with the subject line “Withdrawal of consent to personal data processing.”
8.5. All information collected by third-party services (payment systems, communication services, providers) is stored and processed by those parties in accordance with their own User Agreements and Privacy Policies. The Operator is not responsible for the actions of such third parties.
8.6. Restrictions imposed by the subject on the transfer or processing of data allowed for dissemination do not apply where processing is carried out in the public interest as defined by Russian law.
8.7. The Operator ensures confidentiality during processing.
8.8. Personal data is stored in a form allowing identification of the subject no longer than required for processing purposes unless otherwise required by law or contract.
8.9. Processing may be terminated upon achieving purposes, expiration or withdrawal of consent, a demand to cease processing, or detection of unlawful processing.
9. Actions Performed by the Operator with Personal Data
9.1. The Operator collects, records, systematizes, accumulates, stores, clarifies, retrieves, uses, transfers (distributes, provides, grants access), anonymizes, blocks, deletes, and destroys personal data.
9.2. Automated processing of personal data may be carried out with or without information transfer through telecommunications networks.
10. Cross-Border Transfer of Personal Data
10.1. Before initiating cross-border transfer, the Operator must notify the authorized body for the protection of personal data subjects’ rights of its intention (notification separate from that of domestic processing).
10.2. Before such notification, the Operator must obtain relevant assurances from foreign authorities, individuals, or legal entities to whom the transfer is planned.
11. Confidentiality of Personal Data
The Operator and any other person who has gained access to personal data must not disclose or distribute it without the consent of the subject, unless otherwise required by law.
12. Final Provisions
12.1. The User may obtain clarifications regarding the processing of their personal data by contacting the Operator at medputnik@gmail.com
12.2. Any changes to this Policy will be reflected in this document. The Policy remains valid indefinitely until replaced by a new version.
12.3. The current version of the Policy is freely available online at: https://medputnik.com/policy
1. General Provisions
This Personal Data Processing Policy has been prepared in accordance with the requirements of Federal Law No. 152-FZ of July 27, 2006 “On Personal Data” (hereinafter — the Personal Data Law) and defines the procedure for processing personal data and the measures taken to ensure the security of personal data by the International Community of Independent Consultants (hereinafter — the Operator).
1.1. The Operator considers the observance of human and civil rights and freedoms in the processing of personal data, including the protection of the right to privacy, personal and family confidentiality, as the most important goal and condition for carrying out its activities.
1.2. This Policy of the Operator with respect to the processing of personal data (hereinafter — the Policy) applies to all information that the Operator may obtain about visitors of the website https://medputnik.com
2. Basic Terms Used in the Policy
2.1. Automated processing of personal data — processing of personal data using computer technology.
2.2. Blocking of personal data — temporary suspension of personal data processing (except where processing is necessary to clarify personal data).
2.3. Website — a collection of graphical and informational materials, as well as computer programs and databases, ensuring their availability on the Internet at https://medputnik.com
2.4. Information system of personal data — a set of personal data contained in databases and information technologies and technical means ensuring their processing.
2.5. Depersonalization of personal data — actions that make it impossible, without the use of additional information, to determine whether personal data belongs to a specific User or another personal data subject.
2.6. Processing of personal data — any action (operation) or a set of actions (operations) performed with or without the use of automation tools with personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, modification), retrieval, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, and destruction of personal data.
2.7. Operator — a state body, municipal body, legal or natural person, independently or jointly with others organizing and/or performing the processing of personal data, as well as determining the purposes of processing, the composition of personal data to be processed, and the actions performed with personal data.
2.8. Personal data — any information relating directly or indirectly to a specific or identifiable User of the website https://medputnik.com
2.9. Personal data allowed by the subject for dissemination — personal data to which access is granted to an unlimited number of persons by the personal data subject by giving consent to processing in accordance with the Personal Data Law.
2.10. User — any visitor to the website https://medputnik.com
2.11. Provision of personal data — actions aimed at disclosing personal data to a specific person or a defined group of persons.
2.12. Dissemination of personal data — any actions aimed at disclosing personal data to an indefinite number of persons, including publication in mass media, placement in information and telecommunication networks, or providing access by any other means.
2.13. Cross-border transfer of personal data — transfer of personal data to the territory of a foreign state, to the authority of a foreign state, to a foreign individual, or to a foreign legal entity.
2.14. Destruction of personal data — any actions as a result of which personal data is irreversibly destroyed with the impossibility of further recovery, and/or physical media containing personal data are destroyed.
3. Basic Rights and Obligations of the Operator
3.1. The Operator has the right to:
receive accurate information and/or documents containing personal data from the data subject;
continue processing personal data without the consent of the data subject in cases provided by the Personal Data Law if the subject withdraws consent or submits a request to cease processing;
independently determine the composition and list of measures necessary and sufficient to ensure compliance with the obligations established by the Personal Data Law, unless otherwise provided by law.
3.2. The Operator is obliged to:
provide the data subject, upon request, with information regarding the processing of their personal data;
organize personal data processing in accordance with current Russian legislation;
respond to requests from data subjects and their legal representatives as required by law;
provide the authorized body for the protection of personal data subjects’ rights, upon request, with necessary information within 10 days of receiving such request;
publish or otherwise ensure unrestricted access to this Policy;
take legal, organizational, and technical measures to protect personal data from unauthorized or accidental access, destruction, alteration, blocking, copying, provision, distribution, and other unlawful actions;
stop transfer, processing, and destroy personal data in cases provided by law;
fulfill other obligations as provided by the Personal Data Law.
4. Basic Rights and Obligations of Personal Data Subjects
4.1. Data subjects have the right to:
receive information regarding the processing of their personal data, except as provided by law;
demand clarification, blocking, or destruction of their personal data if it is incomplete, outdated, inaccurate, unlawfully obtained, or unnecessary for the stated purpose of processing;
set a condition of prior consent for the processing of personal data for marketing purposes;
withdraw consent to processing and submit a request to terminate processing;
appeal unlawful actions or inaction of the Operator in court or to the authorized body;
exercise other rights provided by Russian law.
4.2. Data subjects are obliged to:
provide accurate personal data about themselves to the Operator;
notify the Operator of clarifications or changes to their personal data.
4.3. Persons who provided the Operator with inaccurate information or with information about another subject without that subject’s consent bear liability under Russian law.
5. Principles of Personal Data Processing
5.1. Processing is carried out on a lawful and fair basis.
5.2. Processing is limited to achieving specific, predetermined, and legitimate purposes. Processing incompatible with the purposes of data collection is not permitted.
5.3. Combining databases containing personal data that are processed for incompatible purposes is not permitted.
5.4. Only personal data relevant to the purposes of processing may be processed.
5.5. The content and volume of processed personal data must correspond to the declared purposes; excessive processing is not permitted.
5.6. Personal data must be accurate, sufficient, and, where necessary, kept up-to-date. The Operator takes necessary measures to remove or clarify incomplete or inaccurate data.
5.7. Personal data must be stored in a form that allows identifying the subject no longer than required by the purposes of processing, unless otherwise required by law or contract. After achieving the purposes, data must be destroyed or anonymized.
6. Purposes of Personal Data Processing
Purpose: Informing the User via email correspondence.
Personal data:
Last name, first name, patronymic
Email address
Phone numbers
Personal information regarding the health of the User or any other person concerned
Legal basis: Contracts concluded between the Operator and the personal data subject.
Types of processing:
Collection, recording, systematization, accumulation, storage, destruction, and anonymization of personal data
Sending informational emails to the User’s email address
7. Conditions of Personal Data Processing
7.1. Processing of personal data is carried out with the consent of the subject of personal data.
7.2. Processing is necessary to achieve purposes established by international treaties or laws of the Russian Federation, or for the performance of functions, powers, and duties imposed on the Operator by law.
7.3. Processing is necessary for the administration of justice, enforcement of judicial acts, or acts of other authorities in accordance with Russian law.
7.4. Processing is necessary for the performance of a contract to which the subject is a party, beneficiary, or guarantor, or for entering into a contract at the initiative of the subject.
7.5. Processing is necessary for the exercise of rights and legitimate interests of the Operator or third parties, or for achieving socially significant goals, provided that this does not violate the rights and freedoms of the subject.
7.6. Processing is carried out with respect to personal data made publicly available by the subject or at the subject’s request.
7.7. Processing is carried out when required by law for publication or disclosure.
8. Procedure for Collection, Storage, Transfer, and Other Processing
The Operator ensures the security of personal data through legal, organizational, and technical measures required to fully comply with applicable legislation.
8.1. The Operator ensures the safety of personal data and prevents unauthorized access.
8.2. Personal data of the User will never be transferred to third parties except as required by law or with the consent of the User for fulfilling obligations under a civil law contract.
8.3. If inaccuracies are identified, the User may update their data by sending an email to medputnik@gmail.com
with the subject line “Updating personal data.”
8.4. The period of processing is determined by the purposes for which the data was collected unless otherwise established by contract or law. The User may withdraw consent at any time by emailing medputnik@gmail.com
with the subject line “Withdrawal of consent to personal data processing.”
8.5. All information collected by third-party services (payment systems, communication services, providers) is stored and processed by those parties in accordance with their own User Agreements and Privacy Policies. The Operator is not responsible for the actions of such third parties.
8.6. Restrictions imposed by the subject on the transfer or processing of data allowed for dissemination do not apply where processing is carried out in the public interest as defined by Russian law.
8.7. The Operator ensures confidentiality during processing.
8.8. Personal data is stored in a form allowing identification of the subject no longer than required for processing purposes unless otherwise required by law or contract.
8.9. Processing may be terminated upon achieving purposes, expiration or withdrawal of consent, a demand to cease processing, or detection of unlawful processing.
9. Actions Performed by the Operator with Personal Data
9.1. The Operator collects, records, systematizes, accumulates, stores, clarifies, retrieves, uses, transfers (distributes, provides, grants access), anonymizes, blocks, deletes, and destroys personal data.
9.2. Automated processing of personal data may be carried out with or without information transfer through telecommunications networks.
10. Cross-Border Transfer of Personal Data
10.1. Before initiating cross-border transfer, the Operator must notify the authorized body for the protection of personal data subjects’ rights of its intention (notification separate from that of domestic processing).
10.2. Before such notification, the Operator must obtain relevant assurances from foreign authorities, individuals, or legal entities to whom the transfer is planned.
11. Confidentiality of Personal Data
The Operator and any other person who has gained access to personal data must not disclose or distribute it without the consent of the subject, unless otherwise required by law.
12. Final Provisions
12.1. The User may obtain clarifications regarding the processing of their personal data by contacting the Operator at medputnik@gmail.com
12.2. Any changes to this Policy will be reflected in this document. The Policy remains valid indefinitely until replaced by a new version.
12.3. The current version of the Policy is freely available online at: https://medputnik.com/policy