General Provisions

1.1. This Policy on the Processing of Personal Data (hereinafter – the “Policy”) of Limited Liability Company “Alternativa” (hereinafter – the “Company”, the “Organization”) defines the basic principles, purposes, conditions and methods of processing personal data, the lists of data subjects and personal data processed at LLC “Alternativa”, the functions of the Company in processing personal data, the rights of personal data subjects, as well as the requirements for the protection of personal data implemented in the Company in accordance with the requirements of Article 18.1 of Federal Law No. 152‑FZ of 27 July 2006 “On Personal Data”.

1.2. The following basic concepts are used in this Policy:

• personal data – any information relating to a directly or indirectly identified or identifiable natural person (personal data subject);
• processing of personal data – any action (operation) or set of actions (operations) performed with or without the use of automation means with personal data, including collection, recording, systematisation, accumulation, storage, updating (renewal, modification), retrieval, use, transfer (distribution, provision, access), anonymisation, blocking, deletion, destruction of personal data;
• automated processing of personal data - processing of personal data by means of computer technology;
• distribution of personal data – actions aimed at disclosing personal data to an indefinite circle of persons;
• provision of personal data – actions aimed at disclosing personal data to a specific person or a specific group of persons;
• blocking of personal data – temporary cessation of processing of personal data (except where processing is necessary to clarify personal data);
• destruction of personal data – actions as a result of which it becomes impossible to restore the content of personal data in the personal data information system and/or as a result of which the physical media of personal data are destroyed;
• anonymisation of personal data – actions as a result of which it becomes impossible, without the use of additional information, to determine the ownership of personal data to a specific personal data subject;
• personal data information system – a set of personal data contained in databases and information technologies and technical means ensuring their processing;
• personal data subject – a natural person to whom the personal data directly or indirectly relates.

2. Principles of processing personal data in the Company:

2.1. Processing of personal data is carried out on a lawful and fair basis.

2.2. Processing of personal data is limited to the achievement of specific, predetermined and legitimate purposes. Processing of personal data incompatible with the purposes of collecting personal data is not permitted.

2.3. Combining databases containing personal data processed for purposes incompatible with each other is not permitted.

2.4. Only personal data that meet the purposes of their processing may be processed.

2.5. The content and scope of the processed personal data correspond to the stated purposes of processing and are not excessive in relation to the stated purposes of their processing.

2.6. When processing personal data, the accuracy of personal data, their sufficiency, and where necessary, their relevance in relation to the purposes of processing personal data are ensured. Necessary measures are taken to delete or clarify incomplete or inaccurate data.

2.7. Personal data is stored in a form that makes it possible to identify the personal data subject no longer than required by the purposes of processing personal data, unless the storage period for personal data is established by federal law, a contract to which the personal data subject is a party, beneficiary or guarantor. Processed personal data upon achievement of the processing purposes or in the event of a loss of the need to achieve these purposes, unless otherwise provided for by federal law, shall be destroyed or anonymised.

2.8. When collecting personal data, including via the information and telecommunications network “Internet”, the recording, systematisation, accumulation, storage, updating (renewal, modification) and retrieval of personal data of citizens of the Russian Federation is ensured using databases located on the territory of the Russian Federation.

3. Legal grounds for processing personal data

3.1. Processing of personal data in the Company is carried out in accordance with Federal Law No. 152‑FZ of 27 July 2006 “On Personal Data”, Article 53 of Federal Law of the Russian Federation No. 126‑FZ of 07 July 2003 “On Communications”, the Labour Code of the Russian Federation, Decree of the Government of the Russian Federation No. 1119 of 01 November 2012 “On approval of requirements for the protection of personal data during their processing in personal data information systems”, Decree of the Government of the Russian Federation No. 687 of 15 September 2008 “On approval of the Regulations on the specifics of processing personal data carried out without the use of automation means”, and other regulatory legal acts in the field of personal data protection.

4. Purposes of processing personal data

4.1. The Company collects, stores and processes only those personal data that are necessary for the provision of services and for the conduct of its activities, as well as for ensuring the rights and legitimate interests of third parties, provided that the rights of the personal data subject are not violated.

4.2. The personal data of a personal data subject may be processed by the Company for the following purposes:

4.2.1. For identification of the personal data subject;

4.2.2. For the purpose of enabling registration and maintenance (support) of a domain name;

4.2.3. For communication with the personal data subject when necessary, including for sending notifications, requests and information related to the provision of services, as well as for processing requests and applications from personal data subjects;

4.2.4. For conducting statistical and other research based on anonymised data.

4.3. The Organization does not process special categories of personal data concerning racial or ethnic origin, political views, religious beliefs, health status, nor biometric personal data.

5. Composition of personal data

5.1. Personal data of a personal data subject who is an employee of the Company – information required by the Company in connection with the execution, amendment or termination of employment relations.

5.2. Personal data of a personal data subject who is a counterparty under a civil law contract – information required by the Company in connection with the execution, amendment or termination of a civil law contract with that personal data subject.

5.3. Personal data of a personal data subject who is a client of the Company – information required by the Company to fulfil its obligations under contractual relations with the personal data subject (client of the Company) and to comply with the requirements of the legislation of the Russian Federation in the field of personal data protection.

5.4. Personal data of a personal data subject who is a natural person who has applied to the Organization in accordance with the procedure established by Federal Law “On the Procedure for Considering Appeals from Citizens of the Russian Federation”.

6. Processing of personal data

6.1. The processing of personal data of personal data subjects of the Company is carried out for the purpose of ensuring compliance with laws and other regulatory legal acts of the Russian Federation, ensuring the personal security of personal data subjects, monitoring the quantity and quality of work performed, and ensuring the safety of the Company’s property.

6.2. Processing of personal data is carried out by the Company with the consent of the personal data subjects, both using automation means and without the use of such means.