By clicking the “OK” button or continuing to browse and use the website, I consent to the processing of cookie files. You can disable cookie processing through your browser settings.
Learn more in the Policy.
Learn more in the Policy.
ОК
(01) /
Processing policy and consent to the processing of personal data
1. General provisions
This personal data processing policy has been compiled in accordance with the requirements of Federal Law No. 152-FZ dated 27.07.2006 "On Personal Data" (hereinafter referred to as the Personal Data Law) and defines the procedure for processing personal data and measures to ensure the security of personal data taken by Orlova Elizaveta Sergeevna (hereinafter referred to as the Operator).
1.1. The Operator sets as its most important goal and condition for the implementation of its activities the observance of human and civil rights and freedoms when processing his personal data, including the protection of the rights to privacy, personal and family secrets.
1.2. This Operator's policy regarding the processing of personal data (hereinafter referred to as the Policy) applies to all information that the Operator can receive about website visitors. http://x3-agency.com.
1.1. The Operator sets as its most important goal and condition for the implementation of its activities the observance of human and civil rights and freedoms when processing his personal data, including the protection of the rights to privacy, personal and family secrets.
1.2. This Operator's policy regarding the processing of personal data (hereinafter referred to as the Policy) applies to all information that the Operator can receive about website visitors. http://x3-agency.com.
2. Basic concepts used in the Policy
2.1. Automated personal data processing is the processing of personal data using computer technology.
2.2. Blocking of personal data is the temporary termination of the processing of personal data (except in cases where processing is necessary to clarify personal data).
2.3. A website is a collection of graphic and informational materials, as well as computer programs and databases that ensure their availability on the Internet at a network address http://x3-agency.com.
2.4. Personal data information system is a set of personal data contained in databases and information technologies and technical means that ensure their processing.
2.5. Depersonalization of personal data — actions as a result of which it is impossible to determine without using additional information whether personal data belongs to a specific User or another personal data subject.
2.6. Personal data processing is any action (operation) or set of actions (operations) performed with or without the use of automation tools with personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, modification), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, and destruction of personal data.
2.7. Operator — a state body, municipal body, legal entity or individual who independently or jointly with other persons organize and/or process personal data, as well as determine the purposes of personal data processing, the composition of personal data to be processed, actions (operations) performed with personal data.
2.8. Personal data — any information related directly or indirectly to a specific or identifiable User of the Website http://x3-agency.com.
2.9. Personal data authorized by the personal data subject for dissemination is personal data to which an unlimited number of persons have access by the personal data subject by giving consent to the processing of personal data authorized by the personal data subject for dissemination in accordance with the procedure provided for by the Personal Data Act (hereinafter referred to as personal data authorized for Dissemination).
2.10. User — any visitor to the website http://x3-agency.com.
2.11. Provision of personal data — actions aimed at disclosing personal data to a certain person or a certain circle of persons.
2.12. Dissemination of personal data — any actions aimed at disclosing personal data to an indefinite circle of persons (transfer of personal data) or at familiarizing with personal data of an unlimited number of persons, including the publication of personal data in the media, posting in information and telecommunications networks or providing access to personal data in any other way.
2.13. Cross—border transfer of personal data is the transfer of personal data to the territory of a foreign state to an authority of a foreign state, a foreign individual or a foreign legal entity.
2.14. Destruction of personal data — any actions as a result of which personal data is permanently destroyed with the impossibility of further restoration of the content of personal data in the personal data information system and/or the material carriers of personal data are destroyed.
2.2. Blocking of personal data is the temporary termination of the processing of personal data (except in cases where processing is necessary to clarify personal data).
2.3. A website is a collection of graphic and informational materials, as well as computer programs and databases that ensure their availability on the Internet at a network address http://x3-agency.com.
2.4. Personal data information system is a set of personal data contained in databases and information technologies and technical means that ensure their processing.
2.5. Depersonalization of personal data — actions as a result of which it is impossible to determine without using additional information whether personal data belongs to a specific User or another personal data subject.
2.6. Personal data processing is any action (operation) or set of actions (operations) performed with or without the use of automation tools with personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, modification), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, and destruction of personal data.
2.7. Operator — a state body, municipal body, legal entity or individual who independently or jointly with other persons organize and/or process personal data, as well as determine the purposes of personal data processing, the composition of personal data to be processed, actions (operations) performed with personal data.
2.8. Personal data — any information related directly or indirectly to a specific or identifiable User of the Website http://x3-agency.com.
2.9. Personal data authorized by the personal data subject for dissemination is personal data to which an unlimited number of persons have access by the personal data subject by giving consent to the processing of personal data authorized by the personal data subject for dissemination in accordance with the procedure provided for by the Personal Data Act (hereinafter referred to as personal data authorized for Dissemination).
2.10. User — any visitor to the website http://x3-agency.com.
2.11. Provision of personal data — actions aimed at disclosing personal data to a certain person or a certain circle of persons.
2.12. Dissemination of personal data — any actions aimed at disclosing personal data to an indefinite circle of persons (transfer of personal data) or at familiarizing with personal data of an unlimited number of persons, including the publication of personal data in the media, posting in information and telecommunications networks or providing access to personal data in any other way.
2.13. Cross—border transfer of personal data is the transfer of personal data to the territory of a foreign state to an authority of a foreign state, a foreign individual or a foreign legal entity.
2.14. Destruction of personal data — any actions as a result of which personal data is permanently destroyed with the impossibility of further restoration of the content of personal data in the personal data information system and/or the material carriers of personal data are destroyed.
3. Basic rights and obligations of the Operator
3.1. The Operator has the right to:
— receive reliable information and/or documents containing personal data from the subject of personal data;
— continue processing personal data without the consent of the subject in cases provided for by the Personal Data Law, even if the subject withdraws consent or demands termination of processing;
— independently determine the composition and list of measures necessary and sufficient to ensure compliance with obligations stipulated by the Personal Data Law unless otherwise specified by law.
3.2. The Operator must:
— provide the subject of personal data with information regarding the processing of their personal data upon request;
— organize the processing of personal data in accordance with current legislation;
— respond to requests from personal data subjects and their legal representatives in accordance with the Personal Data Law;
— provide information to the authorized body for the protection of personal data subjects' rights within 10 days of receiving such a request;
— publish or otherwise ensure unrestricted access to this Policy;
— take legal, organizational, and technical measures to protect personal data from unlawful or accidental access, destruction, modification, blocking, copying, provision, dissemination, and other unlawful actions;
— stop transferring (distributing, providing, accessing) and processing personal data, and destroy it as prescribed by the Personal Data Law;
— perform other duties stipulated by the Personal Data Law.
— receive reliable information and/or documents containing personal data from the subject of personal data;
— continue processing personal data without the consent of the subject in cases provided for by the Personal Data Law, even if the subject withdraws consent or demands termination of processing;
— independently determine the composition and list of measures necessary and sufficient to ensure compliance with obligations stipulated by the Personal Data Law unless otherwise specified by law.
3.2. The Operator must:
— provide the subject of personal data with information regarding the processing of their personal data upon request;
— organize the processing of personal data in accordance with current legislation;
— respond to requests from personal data subjects and their legal representatives in accordance with the Personal Data Law;
— provide information to the authorized body for the protection of personal data subjects' rights within 10 days of receiving such a request;
— publish or otherwise ensure unrestricted access to this Policy;
— take legal, organizational, and technical measures to protect personal data from unlawful or accidental access, destruction, modification, blocking, copying, provision, dissemination, and other unlawful actions;
— stop transferring (distributing, providing, accessing) and processing personal data, and destroy it as prescribed by the Personal Data Law;
— perform other duties stipulated by the Personal Data Law.
4. Rights and Obligations of Personal Data Subjects
4.1. Personal data subjects have the right to:
— receive information regarding the processing of their personal data, except as provided by law;
— demand correction, blocking, or destruction of personal data if it is incomplete, outdated, inaccurate, obtained unlawfully, or not necessary for the stated purpose;
— require prior consent for processing their personal data for marketing purposes;
— withdraw consent for the processing of personal data and require its termination;
— lodge complaints to the authorized body or through court about unlawful actions or inaction of the Operator;
— exercise other rights provided by the laws of the Russian Federation.
4.2. Personal data subjects must:
— provide the Operator with accurate data;
— inform the Operator about any updates or changes to their personal data.
4.3. Persons who provide false information or information about other individuals without their consent bear responsibility under Russian law.
— receive information regarding the processing of their personal data, except as provided by law;
— demand correction, blocking, or destruction of personal data if it is incomplete, outdated, inaccurate, obtained unlawfully, or not necessary for the stated purpose;
— require prior consent for processing their personal data for marketing purposes;
— withdraw consent for the processing of personal data and require its termination;
— lodge complaints to the authorized body or through court about unlawful actions or inaction of the Operator;
— exercise other rights provided by the laws of the Russian Federation.
4.2. Personal data subjects must:
— provide the Operator with accurate data;
— inform the Operator about any updates or changes to their personal data.
4.3. Persons who provide false information or information about other individuals without their consent bear responsibility under Russian law.
6. Purpose of Personal Data Processing
Purpose: Providing the User access to services, information, and/or materials on the website.
Personal data:
— full name
— email address
— phone numbers
Legal grounds:
— founding documents of the Operator
— contracts between the Operator and the subject
Types of processing:
— collection, recording, systematization, accumulation, storage, destruction, depersonalization
— sending informational emails
Personal data:
— full name
— email address
— phone numbers
Legal grounds:
— founding documents of the Operator
— contracts between the Operator and the subject
Types of processing:
— collection, recording, systematization, accumulation, storage, destruction, depersonalization
— sending informational emails
5. Principles of Personal Data Processing
5.1. Processing must be lawful and fair.
5.2. Data processing is limited to achieving specific, legitimate purposes.
5.3. It is not allowed to combine databases with incompatible processing goals.
5.4. Only data relevant to the stated purposes should be processed.
5.5. The content and scope of processed data must match the stated purposes.
5.6. Accuracy, sufficiency, and relevance must be ensured; incomplete or inaccurate data must be updated or deleted.
5.7. Data must be stored no longer than necessary for the processing purpose, unless otherwise required by law or contract. After the goal is achieved, data must be destroyed or depersonalized.
5.2. Data processing is limited to achieving specific, legitimate purposes.
5.3. It is not allowed to combine databases with incompatible processing goals.
5.4. Only data relevant to the stated purposes should be processed.
5.5. The content and scope of processed data must match the stated purposes.
5.6. Accuracy, sufficiency, and relevance must be ensured; incomplete or inaccurate data must be updated or deleted.
5.7. Data must be stored no longer than necessary for the processing purpose, unless otherwise required by law or contract. After the goal is achieved, data must be destroyed or depersonalized.
7. Conditions of Personal Data Processing
7.1. Data processing is carried out with the subject's consent.
7.2. Processing is necessary under law or international treaties.
7.3. Processing is required to fulfill judicial or executive acts.
7.4. Processing is necessary for contract performance or initiation.
7.5. Processing is needed to pursue legitimate interests or public benefits.
7.6. Processing of publicly available data is allowed.
7.7. Data required to be disclosed by law may be processed.
7.2. Processing is necessary under law or international treaties.
7.3. Processing is required to fulfill judicial or executive acts.
7.4. Processing is necessary for contract performance or initiation.
7.5. Processing is needed to pursue legitimate interests or public benefits.
7.6. Processing of publicly available data is allowed.
7.7. Data required to be disclosed by law may be processed.
8. Procedure for Collection, Storage, and Transfer
Personal data security is ensured through legal, organizational, and technical measures compliant with data protection legislation.
8.1. The Operator safeguards data from unauthorized access.
8.2. Personal data is never transferred to third parties unless required by law or with the subject’s consent for contract execution.
8.3. Users may update data by emailing hello@x3-agency.ru with the subject “Update of personal data”.
8.4. The data processing period is defined by the purpose, unless a longer period is required by law or contract.
Users may withdraw consent by emailing hello@x3-agency.ru with the subject “Withdrawal of consent to personal data processing”.
8.5. Third-party services (e.g., payment systems, communication providers) store and process data in accordance with their policies. The Operator is not responsible for their actions.
8.6. Restrictions imposed by the subject do not apply to processing in public or state interests as defined by law.
8.7. The Operator ensures the confidentiality of personal data.
8.8. Data is stored only as long as necessary to fulfill processing purposes.
8.9. Processing ends upon achievement of the purpose, expiration of consent, its withdrawal, or detection of unlawful processing.
8.1. The Operator safeguards data from unauthorized access.
8.2. Personal data is never transferred to third parties unless required by law or with the subject’s consent for contract execution.
8.3. Users may update data by emailing hello@x3-agency.ru with the subject “Update of personal data”.
8.4. The data processing period is defined by the purpose, unless a longer period is required by law or contract.
Users may withdraw consent by emailing hello@x3-agency.ru with the subject “Withdrawal of consent to personal data processing”.
8.5. Third-party services (e.g., payment systems, communication providers) store and process data in accordance with their policies. The Operator is not responsible for their actions.
8.6. Restrictions imposed by the subject do not apply to processing in public or state interests as defined by law.
8.7. The Operator ensures the confidentiality of personal data.
8.8. Data is stored only as long as necessary to fulfill processing purposes.
8.9. Processing ends upon achievement of the purpose, expiration of consent, its withdrawal, or detection of unlawful processing.
9. List of Personal Data Processing Actions
9.1. The Operator carries out collection, recording, systematization, accumulation, storage, clarification (updating, modification), retrieval, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, and destruction.
9.2. Automated processing with or without data transfer via communication networks is performed.
9.2. Automated processing with or without data transfer via communication networks is performed.
10. Cross-border Personal Data Transfer
10.1. Before cross-border transfers, the Operator must notify the authorized authority.
10.2. The Operator must obtain relevant information from foreign recipients before notification.
10.2. The Operator must obtain relevant information from foreign recipients before notification.
11. Confidentiality of Personal Data
The Operator and any third party with access to personal data must not disclose or distribute it without the subject’s consent, unless otherwise required by law.
12. Final Provisions
12.1. Users may contact the Operator for clarification regarding personal data processing via hello@x3-agency.ru.
12.2. This Policy is valid indefinitely until replaced by a new version.
12.3. The current version of the Policy is available online at: http://x3-agency.com/policy
12.2. This Policy is valid indefinitely until replaced by a new version.
12.3. The current version of the Policy is available online at: http://x3-agency.com/policy
