Make an application
PERSONAL DATA
PROCESSING POLICY
1. GENERAL PROVISIONS
1.1 This Policy of SIBUR LLC (hereinafter referred to as the «Operator») regarding the collection of personal data (hereinafter referred to as the «Policy») defines the main purposes, procedure and conditions of personal data processing by the Operator, as well as measures to ensure personal data security.
1.2 This Policy has been developed in accordance with Article 18.1 of Federal Law No. 152-FZ dated 27.07.2006 "On Personal Data."
1.3 This Policy is a public document and is subject to publication on the official website of the Operator on the Internet.
1.4 All employees of the Operator are guided by the provisions of this Policy are .
1.5 The provisions of this Policy provide the basis for the development of Operational local policies detailing the processing and protection of personal data.
1.2 This Policy has been developed in accordance with Article 18.1 of Federal Law No. 152-FZ dated 27.07.2006 "On Personal Data."
1.3 This Policy is a public document and is subject to publication on the official website of the Operator on the Internet.
1.4 All employees of the Operator are guided by the provisions of this Policy are .
1.5 The provisions of this Policy provide the basis for the development of Operational local policies detailing the processing and protection of personal data.
2. BASIC DEFENITION
2.1 Personal data - any information related to a directly or indirectly defined or determined individual (personal data subject).
2.2 Operator - a state body, municipal body, legal or natural person, independently or jointly with other persons organizing and (or) providing the processing of personal data, as well as determining the purposes of processing personal data, the list of processed personal data, actions (operations) performed with personal data.
2.3 Processing of personal data - any action (operation) or activity performed by using automation equipment or without it, including collection, recording, systematization, accumulation, storage, clarification (update, modification), extraction, use, transfer (distribution, provision, access), impersonation, blocking, deletion, destruction of personal data.
2.4 Distribution of personal data - actions aimed at the disclosure of personal data to an indefinite scope of persons.
2.5 Provision of personal data - actions aimed at the disclosure of personal data to a certain person or a certain list of persons.
2.6 Blocking of personal data - temporary cessation of processing of personal data (with exception of processing required for the purpose of clarification of personal data).
2.7 Destruction of personal data - actions as a result of which it becomes impossible to restore the content of personal data in the information system of personal data and (or) as a result of which material carriers of personal data are destroyed.
2.2 Operator - a state body, municipal body, legal or natural person, independently or jointly with other persons organizing and (or) providing the processing of personal data, as well as determining the purposes of processing personal data, the list of processed personal data, actions (operations) performed with personal data.
2.3 Processing of personal data - any action (operation) or activity performed by using automation equipment or without it, including collection, recording, systematization, accumulation, storage, clarification (update, modification), extraction, use, transfer (distribution, provision, access), impersonation, blocking, deletion, destruction of personal data.
2.4 Distribution of personal data - actions aimed at the disclosure of personal data to an indefinite scope of persons.
2.5 Provision of personal data - actions aimed at the disclosure of personal data to a certain person or a certain list of persons.
2.6 Blocking of personal data - temporary cessation of processing of personal data (with exception of processing required for the purpose of clarification of personal data).
2.7 Destruction of personal data - actions as a result of which it becomes impossible to restore the content of personal data in the information system of personal data and (or) as a result of which material carriers of personal data are destroyed.
3. RIGHTS AND OBLIGATIONS OF THE OPERATOR
3.1 The Operator shall be entitled to:
- defend their interests in the court;
- subject to consent of the personal data subject entrust the processing of personal data to another entity or person, unless otherwise is provided by federal law, on the basis of an agreement concluded with this person\entity;
- transfer personal data to the third parties, if it is stipulated by the current legislation of the Russian Federation (transfer personal data to the bodies of inquiry, investigation, other authorized bodies on the grounds provided by the current legislation of the Russian Federation).
- refuse to provide personal data in cases provided for the legislation of the Russian Federation;
- use the personal data without his consent, in cases provided by the legislation of the Russian Federation.
3.2 The Operator shall:
- inform the personal data subject or his/her representative about the existence of personal data related to the relevant personal data subject, as well as provide the possibility of examination of the personal data when the personal data subject or his/her representative applies for such examination in 30 days from the date of the request of the personal data subject or his/her representative;
- take measures necessary and sufficient to ensure the fulfillment of the obligations stipulated by the Federal Law "On Personal Data" and the legal acts adopted in accordance with this law.
- defend their interests in the court;
- subject to consent of the personal data subject entrust the processing of personal data to another entity or person, unless otherwise is provided by federal law, on the basis of an agreement concluded with this person\entity;
- transfer personal data to the third parties, if it is stipulated by the current legislation of the Russian Federation (transfer personal data to the bodies of inquiry, investigation, other authorized bodies on the grounds provided by the current legislation of the Russian Federation).
- refuse to provide personal data in cases provided for the legislation of the Russian Federation;
- use the personal data without his consent, in cases provided by the legislation of the Russian Federation.
3.2 The Operator shall:
- inform the personal data subject or his/her representative about the existence of personal data related to the relevant personal data subject, as well as provide the possibility of examination of the personal data when the personal data subject or his/her representative applies for such examination in 30 days from the date of the request of the personal data subject or his/her representative;
- take measures necessary and sufficient to ensure the fulfillment of the obligations stipulated by the Federal Law "On Personal Data" and the legal acts adopted in accordance with this law.
4. RIGHTS OF PERSONAL DATA SUBJECTS
4.1 Personal data subjects have the right to:
- full information on the personal data processed by the Operator;
- access to the personal data, including the right to receive a copy of any record containing the personal data, except for cases provided by the legislation of the Russian Federation;
- clarification, blocking or destruction of personal data if the personal data is incomplete, outdated, non-accurate, illegally obtained or collection of personal data isjn not necessary for the purpose of processing;
- withdraw of consent to process the personal data;
- take measures stipulated by the legislation of the Russian Federation to protect their rights;
- appeal unlawful actions or inactions in the processing and protection of its personal data to the authority competent for the protection of the rights of personal data subjects or in the court ;
- exercise of other rights provided for the legislation of the Russian Federation.
- full information on the personal data processed by the Operator;
- access to the personal data, including the right to receive a copy of any record containing the personal data, except for cases provided by the legislation of the Russian Federation;
- clarification, blocking or destruction of personal data if the personal data is incomplete, outdated, non-accurate, illegally obtained or collection of personal data isjn not necessary for the purpose of processing;
- withdraw of consent to process the personal data;
- take measures stipulated by the legislation of the Russian Federation to protect their rights;
- appeal unlawful actions or inactions in the processing and protection of its personal data to the authority competent for the protection of the rights of personal data subjects or in the court ;
- exercise of other rights provided for the legislation of the Russian Federation.
5. MAIN PURPOSES OF PERSONAL DATA PROCESSING
5.1 The Operator processes personal data for the following purposes:
- ensuring compliance with the Constitution of the Russian Federation, legislation and other regulatory legal acts of the Russian Federation, local regulations of the Operator;
- exercise of the functions, powers and obligations assigned by the law of the Russian Federation to the Operator, including the provision of personal data to state authorities, to the Pension Fund of the Russian Federation, to the Social Insurance Fund of the Russian Federation, to the Federal Fund for Compulsory Medical Insurance, as well as to other state bodies;
- regulation of labor relations with the Operator's employees (keeping of personnel and accounting records, documentation of labor relations, coactions in employment, training and promotion, ensuring the personal safety of employees, control of the quantity and quality of full work, ensuring the safety of property);
- providing the Operator's employees and their family members with additional guarantees and compensations, including voluntary medical insurance and other types of social security;
- protection of life, health or other vital interests of personal data subjects;
- preparation, conclusion, execution and termination of contracts with the Operator`s counterparties
- organization and provision of access and intra-object modes, terrorist protection of the Operator's facilities;
- creation and maintenance of reference books for information support of the Operator's activities;
- execution of judicial acts, acts of other bodies or officials subject to execution in accordance with the law of the Russian Federation on enforcement proceedings;
- exercise of rights and legitimate interests of the Operator within the framework of performance of activities provided for by the Operator's Charter;
- other legal purposes.
- ensuring compliance with the Constitution of the Russian Federation, legislation and other regulatory legal acts of the Russian Federation, local regulations of the Operator;
- exercise of the functions, powers and obligations assigned by the law of the Russian Federation to the Operator, including the provision of personal data to state authorities, to the Pension Fund of the Russian Federation, to the Social Insurance Fund of the Russian Federation, to the Federal Fund for Compulsory Medical Insurance, as well as to other state bodies;
- regulation of labor relations with the Operator's employees (keeping of personnel and accounting records, documentation of labor relations, coactions in employment, training and promotion, ensuring the personal safety of employees, control of the quantity and quality of full work, ensuring the safety of property);
- providing the Operator's employees and their family members with additional guarantees and compensations, including voluntary medical insurance and other types of social security;
- protection of life, health or other vital interests of personal data subjects;
- preparation, conclusion, execution and termination of contracts with the Operator`s counterparties
- organization and provision of access and intra-object modes, terrorist protection of the Operator's facilities;
- creation and maintenance of reference books for information support of the Operator's activities;
- execution of judicial acts, acts of other bodies or officials subject to execution in accordance with the law of the Russian Federation on enforcement proceedings;
- exercise of rights and legitimate interests of the Operator within the framework of performance of activities provided for by the Operator's Charter;
- other legal purposes.
6. LEGAL GROUNDS FOR PROCESSING DATA
6.1 Labor Code of the Russian Federation;
6.2 Civil Code of the Russian Federation;
6.3 Tax Code of the Russian Federation;
6.4 Consent of the personal data subject to the processing of personal data;
6.5 Federal Law No. 19.05.1995 of 81-FZ "On State Benefits for Citizens with Children";
6.6 Federal Law No. 181-FZ of 24.11.1995 "On Social Protection of disabled persons in the Russian Federation";
6.7 Federal Law No. 27-FZ dated 01.04.1996 "On Individual (Personal) Accounting in the Compulsory Pension Insurance System";
6.8 Federal Law of 28.03.1998 No. 53-FZ "On Military Duty and Military Service";
6.9 Federal Law No. 125-FZ of 24.07.1998 "On Compulsory Social Insurance against Accidents at Work and Occupational Diseases";
6.10 Federal Law No. 16.07.1999 dated 165-FZ "On the Basics of Compulsory Co-Insurance";
6.11 Federal Law No. 166-FZ dated 15.12.2001 "On State Pension Support in the Russian Federation";
6.12 Federal Law No. 167-FZ dated 15.12.2001 "On Compulsory Pension Insurance in the Russian Federation";
6.13 Federal Law of 17.12.2001 No. 173-FZ "On Labor Pensions in the Russian Federation";
6.14 Federal Law No. 255-FZ of 29.12.2006 "On Compulsory Social Insurance for Temporary Disability and Maternity";
6.15 Federal Law of 07.07.2003 No. 126-FZ "On Communications."
6.2 Civil Code of the Russian Federation;
6.3 Tax Code of the Russian Federation;
6.4 Consent of the personal data subject to the processing of personal data;
6.5 Federal Law No. 19.05.1995 of 81-FZ "On State Benefits for Citizens with Children";
6.6 Federal Law No. 181-FZ of 24.11.1995 "On Social Protection of disabled persons in the Russian Federation";
6.7 Federal Law No. 27-FZ dated 01.04.1996 "On Individual (Personal) Accounting in the Compulsory Pension Insurance System";
6.8 Federal Law of 28.03.1998 No. 53-FZ "On Military Duty and Military Service";
6.9 Federal Law No. 125-FZ of 24.07.1998 "On Compulsory Social Insurance against Accidents at Work and Occupational Diseases";
6.10 Federal Law No. 16.07.1999 dated 165-FZ "On the Basics of Compulsory Co-Insurance";
6.11 Federal Law No. 166-FZ dated 15.12.2001 "On State Pension Support in the Russian Federation";
6.12 Federal Law No. 167-FZ dated 15.12.2001 "On Compulsory Pension Insurance in the Russian Federation";
6.13 Federal Law of 17.12.2001 No. 173-FZ "On Labor Pensions in the Russian Federation";
6.14 Federal Law No. 255-FZ of 29.12.2006 "On Compulsory Social Insurance for Temporary Disability and Maternity";
6.15 Federal Law of 07.07.2003 No. 126-FZ "On Communications."
7. CATEGORIES OF PERSONAL DATA PROCESSED AND CATEGORIES OF SUBJECTS
7.1 For the purposes of processing specified in this Policy, the Operator processes personal data of its employees, as well as other personal data subjects who are not in employment relations with the Operator, including:
- Operator's employees, former employees, as well as their close relatives and representatives;
- candidates for employment;
- employees and representatives of counterparties;
- visitors to the Operator's facilities and participants of the Operator's enterprises;
- visitors and users of the Operator's websites;
- entities whose personal data were transferred to the Operator by third parties within the framework of concluded contracts.
7.2 The list of personal data processed by the Operator shall be determined in accordance with the legislation of the Russian Federation and local acts of the Operator, taking into account the purposes of processing personal data specified in this Policy.
7.3 The Operator shall not be entitled to receive and process personal data relating to race and nationality, political, religious and philosophical beliefs, intimate life, state of health, except for drinking teas provided for by federal laws.
7.4 For the purposes of information support, the Operator may create common and accessible sources (including directories and address books), to which include personal data reported by the personal data subject with his written consent, unless otherwise provided by the legislation of the Russian Federation.
7.5 The Operator may process biometric personal data of personal data subjects with the written consent of the subjects, unless otherwise provided by the legislation of the Russian Federation.
- Operator's employees, former employees, as well as their close relatives and representatives;
- candidates for employment;
- employees and representatives of counterparties;
- visitors to the Operator's facilities and participants of the Operator's enterprises;
- visitors and users of the Operator's websites;
- entities whose personal data were transferred to the Operator by third parties within the framework of concluded contracts.
7.2 The list of personal data processed by the Operator shall be determined in accordance with the legislation of the Russian Federation and local acts of the Operator, taking into account the purposes of processing personal data specified in this Policy.
7.3 The Operator shall not be entitled to receive and process personal data relating to race and nationality, political, religious and philosophical beliefs, intimate life, state of health, except for drinking teas provided for by federal laws.
7.4 For the purposes of information support, the Operator may create common and accessible sources (including directories and address books), to which include personal data reported by the personal data subject with his written consent, unless otherwise provided by the legislation of the Russian Federation.
7.5 The Operator may process biometric personal data of personal data subjects with the written consent of the subjects, unless otherwise provided by the legislation of the Russian Federation.
8. PROCEDURE AND CONDITIONS FOR PROCESSING PERSONAL DATA
8.1 The Operator shall collect, record, systematize, accumulate, store, refine (update, modify), retrieve, use, transfer (space, grant, access), depersonalize, block, delete and destroy personal data.
8.2 The processing of personal data is carried out in the following ways:
- manual processing of personal data;
- automated processing of personal data with or without transfer of information via information and telecommunication networks;
- mixed processing of personal data.
8.3 Personal data shall be processed by the Operator with the consent of the personal data subject to the processing of his personal data, unless otherwise provided by the legislation of the Russian Federation.
8.4 Storage of personal data of subjects of personal data is carried out in the form allowing to define the subject of personal data, not longer than it is demanded by the purposes of their processing if the period of storage of personal data is not established by the federal law, orcontract, the party, beneficiary or the guarantor of which the subject of personal data is.
8.5 The conditions for termination of personal data processing may be:
- achievement of personal data processing purposes;
- expiration of the consent or withdrawal of the consent of the personal data subject to the processing of its personal data;
- termination of the Operator's activities (liquidation or reorganization).
8.6 When processing personal data, the Operator shall take necessary and sufficient legal, organizational and technical measures to protect personal data from illegal or accidental access, destruction, modification, blocking, copying, providing, distributing personal data, as well as from other illegal actions in relation to personal data, including:
- appointment of a person responsible for the organization of personal data processing;
- adoption of local acts and other documents in the field of processing and protection of personal data;
- identification of personal data security threats during their processing in personal data information systems;
- organizational and technical measures to ensure the security of personal data when processing it in personal data information systems;
- familiarization of the Operator's employees who directly process personal data with the provisions of the legislation of the Russian Federation on personal data and local acts on the processing of personal data and, if necessary, organize training for these employees;
- obtaining consent of personal data subjects to the processing of their personal data, except for cases stipulated by the legislation of the Russian Federation;
- internal control over measures taken to ensure the security of personal data;
- other measures provided for by the legislation of the Russian Federation in the field of personal data.
8.7 The Operator's employees responsible for violation of the requirements of the Federal Law "On Personal Data" and the regulations adopted in accordance with it bear material, disciplinary, administrative, civil law or criminal liability in the manner established by the legislator of the Russian Federation.
8.2 The processing of personal data is carried out in the following ways:
- manual processing of personal data;
- automated processing of personal data with or without transfer of information via information and telecommunication networks;
- mixed processing of personal data.
8.3 Personal data shall be processed by the Operator with the consent of the personal data subject to the processing of his personal data, unless otherwise provided by the legislation of the Russian Federation.
8.4 Storage of personal data of subjects of personal data is carried out in the form allowing to define the subject of personal data, not longer than it is demanded by the purposes of their processing if the period of storage of personal data is not established by the federal law, orcontract, the party, beneficiary or the guarantor of which the subject of personal data is.
8.5 The conditions for termination of personal data processing may be:
- achievement of personal data processing purposes;
- expiration of the consent or withdrawal of the consent of the personal data subject to the processing of its personal data;
- termination of the Operator's activities (liquidation or reorganization).
8.6 When processing personal data, the Operator shall take necessary and sufficient legal, organizational and technical measures to protect personal data from illegal or accidental access, destruction, modification, blocking, copying, providing, distributing personal data, as well as from other illegal actions in relation to personal data, including:
- appointment of a person responsible for the organization of personal data processing;
- adoption of local acts and other documents in the field of processing and protection of personal data;
- identification of personal data security threats during their processing in personal data information systems;
- organizational and technical measures to ensure the security of personal data when processing it in personal data information systems;
- familiarization of the Operator's employees who directly process personal data with the provisions of the legislation of the Russian Federation on personal data and local acts on the processing of personal data and, if necessary, organize training for these employees;
- obtaining consent of personal data subjects to the processing of their personal data, except for cases stipulated by the legislation of the Russian Federation;
- internal control over measures taken to ensure the security of personal data;
- other measures provided for by the legislation of the Russian Federation in the field of personal data.
8.7 The Operator's employees responsible for violation of the requirements of the Federal Law "On Personal Data" and the regulations adopted in accordance with it bear material, disciplinary, administrative, civil law or criminal liability in the manner established by the legislator of the Russian Federation.
9. PROCEDURE AND CONDITIONS FOR PROCESSING PERSONAL DATA
9.1 In case of confirmation of the fact of inaccuracy of personal data - personal data are subject to clarification by the Operator, and in case of confirmation of the fact of illegality of their processing - processing of personal data should be ceased.
9.2 Upon achievement of the purposes of personal data processing, as well as if the personal data subject withdraws the consent to processing, the Operator shall cease the processing personal data or ensure the termination of such processing (if the personal data processing is carried out by another person acting on the instructions of the Operator) and if the collection of personal data is no longer required for the purposes of processing personal data, destroy personal data or ensure their destruction (if the processing of personal data is carried out by another person acting on behalf of the Operator) within a period not exceeding 30 days from the date of receipt of the specified withdrawal, if:
- otherwise is not provided by the contract to which the personal data subject is a party, beneficiary or guarantor;
- The Operator shall not be entitled to process personal data without the consent of the subject on the grounds stipulated by the Federal Law "On Personal Data" or other federal laws;
- other than provided by the agreement between the Operator and the subject of personal data.
9.3 If it is not possible to destroy personal data within the period specified in Clause 9.2, the Operator shall block such personal data and ensure the destruction of personal data within no more than 6 months, unless otherwise established by federal laws.
9.2 Upon achievement of the purposes of personal data processing, as well as if the personal data subject withdraws the consent to processing, the Operator shall cease the processing personal data or ensure the termination of such processing (if the personal data processing is carried out by another person acting on the instructions of the Operator) and if the collection of personal data is no longer required for the purposes of processing personal data, destroy personal data or ensure their destruction (if the processing of personal data is carried out by another person acting on behalf of the Operator) within a period not exceeding 30 days from the date of receipt of the specified withdrawal, if:
- otherwise is not provided by the contract to which the personal data subject is a party, beneficiary or guarantor;
- The Operator shall not be entitled to process personal data without the consent of the subject on the grounds stipulated by the Federal Law "On Personal Data" or other federal laws;
- other than provided by the agreement between the Operator and the subject of personal data.
9.3 If it is not possible to destroy personal data within the period specified in Clause 9.2, the Operator shall block such personal data and ensure the destruction of personal data within no more than 6 months, unless otherwise established by federal laws.
Made in
Make a complaint
Place your goods on the platform
Become a partner
Become a partner of SIBUR
Make a complaint