1. The main concepts used in the Policy:
- automated processing of personal data — processing of personal data using computer technology;
- blocking of personal data — temporary suspension of the processing of personal data (unless the processing is necessary to clarify personal data);
- website — - a set of graphic and information materials, as well as computer programs and databases, ensuring their availability on the Internet at the network address https://sapspro.net;
- information system of personal data — a set of personal data contained in databases, and ensuring their processing of information technologies and technical means;
- depersonalization of personal data — actions, as a result of which it is impossible to determine without the use of additional information the ownership of personal data to a specific User or other personal data subject;
- personal data processing — any action (operation) or a set of actions (operations) performed using automation tools or without using such tools with personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, modification), retrieval , use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction of personal data;
- operator — - a state body, municipal body, legal or natural person, independently or jointly with other persons, organizing and (or) processing personal data, as well as determining the purposes of processing personal data, the composition of personal data to be processed, actions (operations), committed with personal data;
- personal data — any information relating directly or indirectly to a specific or determined User of the website https://sapspro.net
- user — any visitor to the website https://sapspro.net/
- provision of personal data — actions aimed at disclosing personal data to a specific person or a certain circle of persons;
- dissemination of personal data — any actions aimed at disclosing personal data to an indefinite number of persons (transfer of personal data) or familiarizing with personal data of an unlimited number of persons, including disclosing personal data in the media, posting on information and telecommunication networks or providing access to personal data in any other way;
- cross-border transfer of personal data — the transfer of personal data to the territory of a foreign state to a foreign government authority, a foreign individual or foreign legal entity;
2. The online store may process the following personal data of the User:
The site also collects and processes anonymized data about visitors (including cookies) using Internet statistics services (Yandex Metric and Google Analytics and others).
The above data are further incorporated in the text of the Policy by the general concept of Personal Data.
3. Purpose of processing personal data
3.1 The purpose of processing the User’s personal data is the conclusion, execution and termination of civil contracts; providing the User with access to services, information and / or materials contained on the website https://sapspro.net clarification of order details.
3.2 Also, the online store has the right to send notifications to the User about new products and services, special offers and various events. The user can always refuse to receive informational messages by sending an e-mail to the Operator to the email address email@example.com marked "Refusal to notify of new products and services and special offers."
3.3 Anonymized data of Users, collected using the Internet statistics services, are used to collect information about the actions of Users on the site, improve the quality of the site and its content.
4. Legal grounds for the processing of personal data
4.1 The Operator processes the User’s personal data only if it is filled and / or sent by the User independently through special forms located on the site https://sapspro.net/. By filling out the appropriate forms and / or sending your personal data to the Operator, the User expresses his consent to this Policy.
5. The procedure for the collection, storage, transfer and other types of processing of personal data
The security of personal data processed by the Operator is ensured through the implementation of legal, organizational and technical measures necessary to fully comply with the requirements of the current legislation in the field of personal data protection.
5.1 The operator ensures the safety of personal data and takes all possible measures to exclude access to personal data of unauthorized persons.
5.2 The User’s personal data will never, under any circumstances, be transferred to third parties, with the exception of cases related to the implementation of applicable law.
5.3 In case of inaccuracies in personal data, the User can update them independently by sending a notification to the Operator to the Operator’s email address firstname.lastname@example.org marked "Updating personal data."
5.4 The term for processing personal data is unlimited. The user can withdraw his consent to the processing of personal data at any time by sending a notification to the Operator by e-mail to the Operator’s email address email@example.com marked “Revocation of consent to the processing of personal data”.
6. Cross-border transfer of personal data
6.1 The operator, prior to the start of the cross-border transfer of personal data, is obliged to make sure that the foreign state in whose territory it is supposed to transfer personal data provides reliable protection of the rights of the subjects of personal data.
6.2 Cross-border transfer of personal data on the territory of foreign states that do not meet the above requirements can be carried out only if there is a written consent of the personal data subject to the cross-border transfer of his personal data and / or the execution of the contract to which the personal data subject is a party.
7. Principles of processing personal data
7.1 The Operator's policy regarding the processing of Users' personal data on the Sites is that personal data should be processed only in cases established by law, based on the main areas of the Operator's activities and taking into account the balance of interests of the Operator and the subjects of personal data. The processing of personal data by the Operator is subject to the need to ensure the protection of the rights and freedoms of personal data subjects, including the protection of the right to privacy, personal and family secrets, based on the following principles:
• the processing of personal data is carried out by the Operator lawfully and fairly;
• the processing of personal data is limited to the achievement of specific, predetermined and legitimate goals;
• personal data processing incompatible with the purposes of collecting personal data is not allowed;
• it is not allowed to combine databases containing personal data, the processing of which is carried out for purposes incompatible with each other;
• only personal data subject to the purposes of their processing are subject to processing;
• the content and volume of the processed personal data is consistent with the stated processing goals; redundancy of processed personal data in relation to the declared purposes of their processing is not allowed;
• when processing personal data, the accuracy of personal data is ensured, its adequacy, and, if necessary, its relevance to the purposes of processing personal data.
• the operator takes the necessary measures or ensures their adoption to delete or clarify incomplete or inaccurate personal data;
• storage of personal data is carried out in a form that allows to determine the subject of personal data, no longer than what is required by the purpose of processing personal data, unless a different storage period for personal data is established by an agreement to which the subject of personal data is the beneficiary or surety.
• the processed personal data is destroyed upon the achievement of the processing goals or in case of loss of the need to achieve these goals, unless otherwise provided by law.
8. Other provisions
8.2 All possible disputes arising from this Agreement shall be resolved in accordance with applicable law at the place of registration of the Operator.
8.3 Before applying to the court, the User must observe the mandatory pre-trial procedure and send the Operator a corresponding written complaint. The response period for a claim is 30 (thirty) business days.