If you have a contract with one of our subsidiaries, then the Operator / Controller of your data will be Association “Russian Register“ and the company specified in your contract (“Russian Register – Volga-Kaspiy” Ltd., “Russian Register – Far East” Ltd., “Russian Register – Ural Quality” Ltd., “Russian Register – Ural inspectorate” Ltd., “Russian Register-Povolzhye” Ltd., “Russian Register-Privolzhye” Ltd., “Russian Register – Moscow inspectorate” Ltd., “Russian Register – Сivil Aviation” Ltd., “Russian Register – Moskoviya” Ltd., “Russian Register – Siberia” Ltd., “Russian Register – Volga” Ltd., “Russian Register – Baltic inspectorate” Ltd., “Russian Register – International certification” Ltd., “Russian Register – Certification” Ltd., “Russian Register – SouthWest” Ltd., “Russian Register- Sakhalin” Ltd., “Russian Register – Eurasia” Ltd., “Russian Register- Azerbaijan” Ltd., “Russian Register-Westgeorgia” Ltd., “Russian Register – Bel” Ltd., “Russian Register- Central Asia” Ltd., “Russian Register – Transcaucasia” Ltd., ANPO FPE “TC “Russian Register – Baltic inspectorate”, “Russian Register – Industrial expert assessment” Ltd., “Russian Register – Avia Standard” Ltd., “Russian Register – Expert” Ltd., “Russian Register – NordWest” Ltd). In all other cases, the Operator / Controller of your data will be Certification Association “Russian Register”.
The policy and procedures for processing personal data were developed in accordance with the requirements of Federal Law No. 152-FL of July 27, 2006 “On Personal Data” (further 152- FL), Federal Law No. 149-FL of July 27, 2006 “On Information, Information Technologies and Information Protection”, Regulation No. 2016/679 of the European Parliament and the Council of the European Union “On the Protection of Individuals in the Processing of Personal Data and on the Free Circulation of Such Data” (hereinafter referred to as the EU Regulation), and the applicable national legislation for the subject of personal data. Association Russian Register understands that its activities will be directed to the subjects of personal data, including in the European Union (hereinafter EU).
Any personal information provided or acquired by a subsidiary is controlled primarily by the Russian Register Association, (address (location) -191014, St. Petersburg, Liteiny Prospekt, 45/8, letter A, p.6H).
When you visit our site, we receive and can collect two types of information: (1) Information on the use of the site, cookies, IP-addresses, and (2) personal information that you provide knowingly and which is collected on an individual basis.
Also you can contact us with a mail to the address: Association for certification “Russian Register”, Russia, 190121, St. Petersburg, Rimsky-Korsakov Ave., 101, office 1.
The present confidentiality policy uses the following concepts and their definitions:
Personal data (within the scope of 152-FL) – any information related directly or indirectly to a specified or identified individual (subject of personal data);
Personal data (within the scope of the EU Regulation) means any information relating to an identified or identifiable individual (“data subject”);
The identifiable individual is a person who can be identified directly or indirectly, in particular by reference to an identifier such as a name, identification number, location data, online identifier or one or more factors specific to the physical, physiological, genetic, intellectual, economic, cultural or social identity of the individual. The criterion “all means can be reasonably used for identification” stipulated in Directive 95/46 / EC remains;
Operator (within the scope of 152-FL) – a state body, a municipal body, a legal entity or an individual, independently or jointly with other persons organizing and (or) processing personal data, as well as defining the purposes of processing personal data, the composition of personal data subject to processing, actions (operations) performed with personal data;
The Controller (within the scope of the EU Regulation) means a natural or legal person, a public authority, an agency or other agency that independently or jointly with others determines the purposes and means for processing personal data;
Personal data processing – any action (operation) or a set of actions (operations) performed using automation tools or without using such tools with personal data, including collection, recording, systematization, accumulation, storage, updating (updating, modification), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction of personal data;
Automated processing of personal data – processing of personal data by means of computer facilities;
Dissemination of personal data – actions aimed at disclosing personal data to an undetermined number of persons;
Provision of personal data – actions aimed at disclosing personal data to a specific person or a certain circle of persons;
Blocking of personal data – temporary termination of processing of personal data (except for cases when processing is necessary for specification of personal data);
Destruction of personal data – actions, as a result of which it becomes impossible to restore the contents of personal data in the information system of personal data and (or) as a result of which material carriers of personal data are destroyed;
The depersonalization of personal data is an action, as a result of which it becomes impossible, without using additional information, to determine the belonging of personal data to a specific subject of personal data;
Information system of personal data – a set of personal data contained in databases and providing their processing of information technologies and technical means;
Cross-border transfer of personal data – the transfer of personal data to the territory of a foreign state to the authority of a foreign state, to a foreign individual or to a foreign legal entity;
Cookies — a small piece of data sent by the web server and stored on the user’s computer that the web client or web browser sends to the web server each time in the HTTP request when they try to open the page of the corresponding site.
IP–address is a unique network address of a node in a computer network built on the IP protocol.
Inspector for the protection of personal data of the EU subjects appointed Ryazanova Elena, the head of the branch in Lithuania, with her can be contacted by e-mail firstname.lastname@example.org.
The representative acts on behalf of the Controller / Operator.
The Controller / Operator maintains records of processing operations under his responsibility, cooperates with the supervisory authorities and makes records on their requests available for the purpose of monitoring such processing operations.
Controller / Operator taking into account the current state, implementation costs and nature, scope, context and purpose of processing, as well as the risk of harming the rights and freedoms of individuals, is required to take appropriate technical and organizational measures to ensure a level of safety appropriate to risks, including , in particular:
- pseudonymization and encryption of personal data;
- ensuring the continued confidentiality, integrity, accessibility;
- the stability of processing systems and services;
- the ability to timely restore accessibility and access to personal;
- data in the event of a physical or technical incident;
- the process of regular testing, evaluation and evaluation of the effectiveness of technical;
- organizational measures to ensure the safety of processing.
Certification Association “Russian Register” has appointed an official person for the protection of personal data, this official has specific knowledge in the field of legislation and data protection practices.
Information we assembly
Association Russian Register collects personal data that is visited by this site and registered in the web service of Association Russian Register, individuals who are employees / employees of the Customer services, while collecting and processing information and objective data (evidence) related to the operation of the Customer’s management systems. When the Customer registers in the Russian Register web service, we require (i) a user name, (ii) a password, (iii) an email address, (iv) a first and last name.
We may also ask the Client to provide us with additional personal information, such as: (i) the name of the company, (ii) the position, (iii) education (iv) and (v) other personal data that the Client could evade without specifying these data when requested. We use the Customer’s login information to authenticate users and provide access to the Services of Association Russian Register.
We also use the email addresses provided in the registration information to contact our customers.
When carrying out work to assess the compliance of the management systems / processes / operations of the Client and obtaining objective evidence, we can collect the following data from the Client’s employees:
- about education;
- on labor and general experience
- about the specialty;
- about the position held;
- the content of the employment contract (in part not related to the financial side);
- in originals and copies of orders on personnel;
- in personal files and work books of employees;
- in cases containing materials on the improvement of professional skill and retraining of employees, their attestation, official investigations;
- special data, namely, health data related solely to real work activities, for example: records of compulsory medical examinations, investigations of accidents, occupational diseases, health certificates, personal medical books, etc.
Periodically Association Russian Register can contact you by e-mail to inform you about changes in services, planned preventive works, changes in information about the Association Russian Register and information materials from the Association Russian Register. We will keep your information as long as the account is active or as long as it is necessary to provide you with services. We will maintain and use your data to the extent necessary to fulfill our legal obligations to you, resolve disputes and enforce our agreements.
You agree and accept that your data collected from this site or in connection with the Services provided by Association Russian Register may be transferred across national borders, stored and processed in third countries in accordance with the requirements of 152-FL and the EU Regulation.
Distribution of your data
We reserve the right to disclose your personal information, as required by law, and in cases where we are sure that the disclosure of information is necessary to protect our rights and / or compliance with judicial procedures, court decisions or other judicial acts brought against us.
We involve third parties, such as accrediting organizations, that monitor our activities. When you agree to our services, you acknowledge that you do not object to the transfer of your data to such third parties upon their request. Third parties are prohibited from using your personal information for promotional purposes.
Use of the site
Our server automatically collects information about the use of the site every time you visit our site.
Information about the use of the site includes, among others, the following items: domain names, the operating system used (for example, macOS, Windows), the browser (Mozilla Firefox, Internet Explorer) and their versions, the website from which you came to us, and other similar information. This information is collected to determine the number of visits to the site, the average time spent on our site, the pages viewed, the time and date of visits, and other similar information. We can use and disclose information about the use of the site, for example, to determine the degree of use of our site, improve its content, explain the usefulness of our site and the services that we provide, as well as to enhance the functionality of the site.
We use this information, which does not identify individual users, for analyzing trends, administering the site, determining the movements of users on the site and for collecting demographic information about our basic user base in general. We do not refer this automatically collected information to personal data.
Like other commercial sites, cookies technology can be used to provide you with well-chosen
information. Cookies are a small part of the data that a website can send to your browser and which can then be stored on your hard drive so that we can recognize you the next time you visit. You can configure your browser to notify you when you receive cookies. Our cookies collect general information that enhances our ability to work for you and to determine the relevance of our site. We do not include the information that we store in cookies, to any personal data that you provide on the site.
The information we collect can be used to improve your use of the website, provide you with the necessary services, organize our website in the friendly manner for the client, transmit special offers and important points and / or respond to your questions and suggestions.
If agreed, personal information includes data that identifies you as a specific individual, i.e. Your name, email address, phone number, postal address and / or name and address of the company. This information is used to complete the process of registering an account, requesting client information and / or verifying the validity of the request.
We will use this information solely for communication with you.
Association Russian Register collects only that personal information that you agree to provide by registering voluntarily with the web service of Association Russian Register. Association Russian Register will inform you what information is mandatory for submission and what you do not have to specify.
Special note for children
This site is not intended for children under 13 years of age. Children can use this site only under the direct supervision of their parents.
When you send us an email, we use your email address for comments and / or an answer to your question, and save your message and our reply for any further correspondence. beyond our initial response, we will never use your email address to send you an undesired message or information and will not transfer or sell it to anyone for use for such purposes. When you agree to receive information about our services, promotional offers, newsletters, press releases and / or new offers, we use your email address and any other information that you convey to us to provide you with information or services, until, until you ask for termination (using the instructions on cancellation of the subscription contained in each e-mail).
When you request information or other services from us, we use your e-mail address and other information that you transmit to us to provide you with information or services, until you ask for
termination (using the instructions on cancellation of subscription, contained in each electronic message and / or on the website where you were registered and / or otherwise determined by us) or until information or services are no longer available.
We will never use your e-mail address or other information to send you any unsolicited emails or information (except when it is part of the service you are requesting), nor will we provide or sell, rent or lease any to a third party for use in such purposes.
Customer’s personal information policy
Association Russian Register recognizes the need to respect the privacy of those who decide to entrust their private information to you. We make every effort to ensure their safety. Association Russian Register will never use the information about you received within the framework of providing the services of Association Russian Register, except for the one that was provided by you voluntarily, and will not exchange this information or sell it to anyone for use.
We declare that the storage of personal data is one of our main responsibilities.
We restrict access to personal information about you only by those employees and others who need this information to support us in the conduct of our business, or to provide you with goods and services. We protect personal information, in accordance with accepted standards and security procedures, by providing physical, electronic and procedural security guarantees for personal data.
All the information of our customers and their employees, not only the private information specified above, is limited to distribution in our offices. Only employees who need this information to perform a particular job (for example, an expert who conducts an audit or a representative of the marketing and international activities department) personally have access to private information.
All servers of Association Russian Register have maintenance and support to prevent unauthorized access, and protect data from unauthorized use.
We can not guarantee the security of your data at the time of their transfer through the Internet and servers that are beyond our control. We try to protect your personal information, but Association Russian Register cannot provide or guarantee the security of any information you transmit to our website or in the process of using the Services of Association Russian Register. Any transfer of data that you make through the Internet is carried out under your responsibility. When we receive the data, we make every effort to ensure the safety and security of this data in our system.
If you are blogging or using a forum on the site, you should understand that any personal information that you specify there can be read, collected or used by other users of these blogs or forums, and can also be used to send you junk mail. We are not responsible for the personal information you decide to
post on these blogs and forums.
Social network service tags
Customer reviews / reviews
We publish customer reviews that may contain personal information on our website. We necessarily obtain the client’s consent by email to publish the name along with the review before publishing the review.
Viewing, changing or removing information
You can change or delete your personal information at any time by contacting email@example.com.
Please contact us if you need help with updating or viewing your data. The support team will respond to you within 20 days.
Remote information can be stored in backups for up to 30 days, but will not be available to others.
If we make significant changes or intend to use the personal information of users in a manner that is different from the information set at the time of collection, we will notify users through our website before such changes take effect. Users will be able to give us permission to use their information in a different way or refuse. However, if users refused to use our site or deleted their account, there will be no further contacts with such users and their information will not be used in such a new way.
The subject of personal data has the right to require the Operator / Controller to update his personal data.
The subject of personal data has the right to demand the blocking of his personal data, he also has the right to demand the destruction thereof in the event that personal data are incomplete, outdated, inaccurate, illegally obtained or not necessary for the stated purpose of processing, and also take measures provided by law to protect their rights.
The subject of personal data has the right to receive information concerning the processing of his personal data, including:
- confirmation of the fact of personal data processing by the Operator;
- legal grounds and objectives for the processing of personal data;
- purposes and methods of processing personal data used by the Operator;
- the name and location of the Operator, information on persons (with the exception of the operator’s employees) who have access to personal data or who can disclose personal data on the basis of a contract with the operator or on the basis of legislation;
- processed personal data relating to the relevant personal data subject, sources of their receipt, if other procedure for providing such data is not provided for by law;
- the terms of processing of personal data, including the terms of their storage;
- procedure for the subject to exercise personal data in accordance with the law;
- information on the carried out or expected transboundary data transfer;
- name or surname, name, patronymic and address of the person carrying out the processing of personal data on behalf of the Operator, if the processing is entrusted or will be entrusted to such person;
- other information provided for by Federal Law No. 152-FZ of July 27, 2006 “On Personal Data” or Regulation No. 2016/679 of the European Parliament and the Council of the European Union or other legislation.
© Certification Association “Russian Register”
ND № 001.00-850
Version 2: 10.03.2020