Privacy Policy for the Processing of Personal Data1. General ProvisionsThis Personal Data Processing Policy is drawn up in accordance with the requirements of Federal Law No. 152-FZ of July 27, 2006 "On Personal Data" (hereinafter — the "Personal Data Law") and defines the procedure for processing personal data and measures to ensure the security of personal data undertaken by Anna Aleksandrovna Basulina (hereinafter — the "Operator").
1.1. The Operator considers the protection of the rights and freedoms of individuals and citizens when processing their personal data, including the protection of the right to privacy, personal and family secrets, to be one of its most important goals and conditions for conducting its activities.
1.2. This Policy of the Operator regarding the processing of personal data (hereinafter — the "Policy") applies to all information that the Operator may obtain about visitors to the website
https://basdsgn.ru/.
2. Basic Concepts Used in the Policy2.1.
Automated processing of personal data — processing using computer equipment.
2.2.
Blocking of personal data — temporary suspension of data processing (except when necessary for clarification).
2.3.
Website — a collection of graphic and informational materials, as well as software and databases available at
https://basdsgn.ru/.
2.4.
Personal data information system — a system consisting of databases and technologies for processing personal data.
2.5.
Depersonalization — actions that prevent the identification of the data subject without additional information.
2.6.
Processing — any action (or set of actions) performed on personal data, including collection, storage, use, distribution, blocking, deletion, etc.
2.7.
Operator — a public authority, municipality, legal or natural person who organizes and/or processes personal data and determines the purposes of such processing.
2.8.
Personal data — any information relating directly or indirectly to a specific or identifiable User of the website
https://basdsgn.ru/.
2.9.
Personal data allowed by the subject for dissemination — personal data made public with the subject’s consent as per the law.
2.10.
User — any visitor to the website
https://basdsgn.ru/.
2.11.
Provision of personal data — actions disclosing data to a specific person or group.
2.12.
Dissemination of personal data — actions that make personal data known to an indefinite number of people.
2.13.
Cross-border transfer of personal data — transferring data to foreign states or entities.
2.14.
Destruction — any action that irreversibly deletes data.
3. Rights and Obligations of the Operator3.1. The Operator has the right to:
— receive accurate personal data from the data subject;
— continue processing after consent withdrawal if allowed by law;
— determine necessary protective measures unless otherwise stated in federal law.
3.2. The Operator is obliged to:
— provide information about data processing upon request;
— ensure data processing complies with the law;
— respond to inquiries and requests;
— report to authorized agencies upon request;
— publish this Policy and ensure public access;
— protect personal data from unauthorized access or actions;
— stop data transfer/processing and destroy data as required by law.
4. Rights and Obligations of Data Subjects4.1. Data subjects have the right to:
— receive information about data processing;
— request correction, blocking, or deletion of incorrect or unnecessary data;
— require consent for marketing purposes;
— withdraw consent and stop processing;
— appeal unlawful actions;
— exercise other rights provided by law.
4.2. Data subjects must:
— provide accurate data;
— notify the Operator of updates.
4.3. Persons who submit false data or data of others without consent are liable under Russian law.
5. Principles of Personal Data Processing5.1. Processing is lawful and fair.
5.2. Data processing is limited to specific, lawful goals.
5.3. Incompatible databases must not be merged.
5.4. Only relevant data is processed.
5.5. The volume and content of data must correspond to processing goals.
5.6. Data must be accurate, sufficient, and, where necessary, updated.
5.7. Data is stored no longer than necessary and destroyed when no longer needed.
6. Purpose of Personal Data ProcessingPurpose: Handling user inquiries and providing information about services.
Personal Data: Full name, email, phone number.
Legal Basis: Consent via the contact form.
Processing Activities: Collection, storage, deletion, depersonalization, email correspondence.
7. Conditions for Personal Data Processing7.1. Processing is done with user consent.
7.2. Processing is allowed for legal or public purposes.
7.3. Processing is required by a court or other authority.
7.4. Processing is required for contract execution.
7.5. Processing is in legitimate interest unless it violates rights.
7.6. Processing of public data is permitted.
7.7. Mandatory data disclosure is allowed under law.
8. Collection, Storage, Transfer, and Other ProcessingData security is ensured via legal, organizational, and technical measures.
8.1. The Operator ensures data safety and restricts unauthorized access.
8.2. Data is never transferred to third parties except when required by law or consent is given.
8.3. Users can update data by emailing
annabasulina@yandex.ru (subject: “Personal Data Update”).
8.4. The processing period depends on the purpose unless otherwise required by law or contract.
Consent may be withdrawn by emailing the same address (subject: “Consent Withdrawal”).
8.5. Third-party services (e.g., payment systems) store and process data according to their own policies. The Operator is not responsible for their actions.
8.6. Restrictions on dissemination do not apply in cases of public or legal interest.
8.7. Confidentiality is maintained.
8.8. Data is stored only as long as needed for processing purposes.
8.9. Processing may end upon goal achievement, expiration of consent, withdrawal, or discovery of unlawful processing.
9. Operator's Actions with Personal Data9.1. The Operator performs collection, storage, update, use, transfer, depersonalization, blocking, deletion, and destruction.
9.2. Data is processed automatically, with or without internet transfer.
10. Cross-Border Transfer of Data10.1. The Operator must notify the authority before cross-border data transfer.
10.2. The Operator must first obtain the necessary assurances from the foreign entities.
11. ConfidentialityThe Operator and anyone with access to personal data must not disclose or share it without the data subject’s consent unless otherwise required by law.
12. Final Provisions12.1. Users can contact the Operator for any questions at
annabasulina@yandex.ru.
12.2. Changes to the Policy will be reflected in this document. The Policy is valid indefinitely until replaced.
12.3. The current version is publicly available on the website at:
