Last modified: August 24, 2021
This personal data processing policy (hereinafter referred to as the
Policy) of HDMD, LLC (Litovsky blvd, 5/10-380, Moscow, 117593, Russia; INN (taxpayer identification number) 7728445015, OGRN (primary state registration number) 1187746804893, hereinafter referred to as
HANDMADE) sets the amount, purposes and methods of processing of personal data belonging to natural persons, who are not HANDMADE employees, and is publicly available in English language on the website handma.de (hereinafter referred to as the
Website) at the following web-address: handma.de/en/documents/pdppolicy, in accordance with the requirements of the Federal Law of the Russian Federation
On Personal Data No. 152-ФЗ dated 27.07.2006.
1. LEGAL GROUNDS FOR PERSONAL DATA PROCESSING
Legal grounds for personal data processing are constituted in the Article 6 of the Federal Law of the Russian Federation
On Personal Data No. 152-ФЗ dated 27.07.2006, and the consent of the personal data subject.
2. USER'S CONSENT TO PERSONAL DATA PROCESSING
2.1. By sending a message via feedback forms posted on the Website, the user expresses their consent to the processing of their personal data in the amount and for the purposes defined by this Policy.
2.3. The user of the Website can subscribe to receive newsletters by e-mail, if such an opportunity is provided by the Website. Newsletters may contain news, analytical materials, information about events run by HANDMADE and so on. By filling in the
E-mail address field, the user agrees to receive such newsletters. The user may withdraw their consent to receive newsletters at any time. Each letter sent to the user by e-mail provides them with an opportunity to unsubscribe.
3. PURPOSE OF PERSONAL DATA PROCESSING
3.1. The purpose of personal data processing is to provide the user of the Website with information about HANDMADE, including the contract terms, services, promotions, and special offers; to analyze the quality of the services provided by HANDMADE and increase customers' satisfaction; to execute contracts; to provide services; to account for services rendered to customers in order to make settlements; to handle complaints and claims of HANDMADE customers.
4. AMOUNT OF PERSONAL DATA PROCESSED
4.1. HANDMADE processes the following personal data of natural persons, who are not employees of HANDMADE:
– First name, patronymic, last name;
– Date of birth;
– Registered address;
– Residence address (if it differs from the registered address);
– ID data (series, number, authority and date of issue);
– Mobile phone number;
– E-mail address;
– Place of work and position;
– Banking details;
– INN (taxpayer identification number);
– VAT payer status in the Russian Federation;
– Links to a personal Internet page and pages on social networks.
5. CONFIDENTIALITY OF PERSONAL DATA
6. TERM OF PERSONAL DATA PROCESSING
7. DATA SUBJECT RIGHTS
7.1. Every personal data subject has entitled to the following:
a) The right to access – every data subject has the right to request HANDMADE for copies of their personal data. HANDMADE may charge the data subject a small fee for this service.
b) The right to rectification – every data subject has the right to request that HANDMADE correct any information the data subject believes is inaccurate. The data subject also has the right to request HANDMADE to complete the information the data subject believes is incomplete.
c) The right to erasure – every data subject has the right to request that HANDMADE erase the personal data of the data subject, under certain conditions.
d) The right to restrict processing – every data subject has the right to request that HANDMADE restrict the processing of the personal data of the data subject, under certain conditions.
e) The right to object to processing – every data subject has the right to object to HANDMADE’s processing of the personal data of the data subject, under certain conditions.
f) The right to data portability – every data subject has the right to request that HANDMADE transfer the data that they have collected to another organization, or directly to the data subject, under certain conditions.
7.2. The implementation of any of the rights of the data subject listed above is carried out by sending a written request to HANDMADE at the following address: Litovsky blvd, 5/10-380, Moscow, 117593, Russia. When implementing the right to erase personal data, use the following form of Personal Data Erasure Request.
8. PROTECTION OF PERSONAL DATA
8.1. HANDMADE takes measures that are necessary and sufficient to ensure the fulfillment of obligations stipulated by the Federal Law of the Russian Federation
On Personal Data No. 152-ФЗ dated 27.07.2006 and regulatory acts adopted in accordance therewith.
8.2. HANDMADE determines independently the composition and list of measures that are necessary and sufficient to ensure the fulfillment of such obligations, in particular:
a) a person responsible for the organization of the processing of personal data has been appointed;
b) local acts on the processing and protection of personal data have been developed and approved;
c) legal, organizational and technical measures are applied to ensure the security of personal data:
– threats to the security of personal data during their processing in personal data information systems have been identified;
– rules of access to data processed in the personal data information system are established; registration and accounting of all actions performed with/to personal data in the personal data information system are also ensured.
d) the measures taken to ensure the security of personal data and the level of security of personal data information systems are monitored;
e) an assessment of the harm that may be caused to the personal data subject in case of violation of requirements of the current legislation of the Russian Federation is made and this harm is balanced against measures taken by HANDMADE to ensure the fulfillment of obligations stipulated by the current legislation of the Russian Federation;
f) the conditions are observed that exclude unauthorized access to tangible media, on which personal data are stored, and ensure the security of personal data;
g) HANDMADE's employees directly processing personal data are familiar with the provisions of the legislation of the Russian Federation on personal data, including the requirements for the protection of personal data, and local acts on the processing and protection of personal data.
8.3. In order to ensure the confidentiality of information and protect personal data, HANDMADE maintains an appropriate IT environment and takes all measures that are necessary to prevent the unauthorized access.