This Privacy Policy for personal data (hereinafter referred to as the Privacy Policy) applies to all information that the "FCHANGE" service, located at the domain name fchange.org, may obtain about the User during the use of the website.
1. General Provisions
This document defines the policy of the website fchange.org (hereinafter referred to as the Operator) regarding the processing of users personal data and sets forth the system of fundamental principles applied to the processing of personal data.
1.2 The Policy regarding the processing of users personal data on the website (hereinafter referred to as the Policy) is developed to comply with the legal requirements pertaining to personal data and user identification on the site.
The Policy applies to all personal data processed by the Operator.
1.2 The Policy regarding the processing of users personal data on the website (hereinafter referred to as the Policy) is developed to comply with legislative requirements concerning the processing of personal data and user identification on the site.
The Policy applies to all personal data processed by the Operator.
1.3 The Policy establishes the procedure for processing users personal data on the website, including actions related to the collection, systematization, accumulation, storage, clarification (updating, modification), and destruction of personal data.
1.4 The Policy establishes mandatory requirements and rules for employees of the Operator involved in servicing the website regarding the handling of all types of information carriers containing users personal data.
1.5 The Policy does not cover issues related to ensuring the security of personal data classified, in accordance with the established procedure, as information constituting a state secret.
1.6 Terms and Definitions:
Personal data – any information directly or indirectly related to a specific or identifiable individual (personal data subject).
Operator – a government body, municipal body, legal entity, or individual who independently or jointly with others organizes and/or carries out the processing of personal data, as well as determines the purposes of processing personal data, the composition of personal data subject to processing, actions (operations) performed with personal data.
Processing of personal data - any action (operation) or a set of actions (operations) performed with personal data using automation tools or without such tools, including collection, recording, systematization, accumulation, storage, clarification (updating, modification), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction of personal data.
User - an Internet user, and in particular, a user of the fchange.org website.
Automated processing of personal data – processing of personal data using computer technology.
Providing personal data – actions aimed at disclosing personal data to a specific person or a certain group of persons.
Blocking of personal data – temporary suspension of the processing of personal data (except in cases where processing is necessary to clarify personal data).
Destruction of personal data – actions that make it impossible to restore the content of personal data in the information system of personal data and/or actions that result in the destruction of material carriers of personal data.
Depersonalization of personal data – actions that make it impossible, without using additional information, to determine the belonging of personal data to a specific subject of personal data.
1.7 The Operator ensures the confidentiality and security of personal data during their processing in accordance with legal requirements and does not disclose or distribute personal data to third parties without the consent of the personal data subject, unless otherwise provided by law.
In accordance with the list of personal data processed on the website, the personal data of website users is considered confidential information.
2. Main Rights and Obligations of the Operator and the Personal Data Subject.
2.1. The Operator has the right to:
Receive personal data from the personal data subjects and from third parties (individuals who are not personal data subjects);
Independently determine the composition and list of measures necessary and sufficient to ensure the fulfillment of obligations stipulated by personal data laws and regulatory legal acts adopted in accordance with them;
In the event of the personal data subjects withdrawal of consent for the processing of personal data, the Operator has the right to continue processing personal data without the consent of the personal data subject;
2.2 2.2 The Operator is obliged to:
Organize the processing of personal data in accordance with the requirements of personal data laws;
Respond to inquiries and requests from personal data subjects and their legal representatives in accordance with the requirements of personal data laws.
2.3. The personal data subject has the right to:
Receive information regarding the processing of their personal data, except as provided by laws. The information is provided to the personal data subject by the Operator in an accessible form and should not contain personal data related to other personal data subjects, except in cases where there are legal grounds for disclosing such personal data.
Demand from the Operator the clarification of their personal data, their blocking, or destruction in cases where personal data is incomplete, outdated, inaccurate, unlawfully obtained, or not necessary for the stated processing purpose;
3. Purposes of Personal Data Collection
3.1. The processing of personal data is limited to the achievement of specific, predetermined, and lawful purposes. Processing of personal data that is incompatible with the purposes of personal data collection is not allowed.
3.2. Only personal data that corresponds to the purposes of processing is subject to processing.
3.3. The processing of personal data of website users is carried out exclusively for the purpose of providing the user with the opportunity to interact with the website.
3.4 Information constituting personal data on the website is any information related to a specific or identifiable individual (personal data subject) based on such information.
4. The scope of processed personal data.
4.1. The content and scope of processed personal data of website users correspond to the stated processing purposes outlined in Section 3 of this Policy. The processed personal data should not be excessive in relation to the declared purposes of their processing.
4.2. The Operator may process the following personal data of users:
Source of access to the site (sites) and information about the search or advertising query.
Data about the users device, including resolution, version, and other attributes characterizing the users device.
User clicks, page views, form field entries, banner displays, and video views.
Data characterizing audience segments;
Session parameters;
Visiting time data;
User identifier stored in a cookie;
Last name;
First name;
Patronymic;
Contact phone number;
Email address.
4.3 The Operator does not process special categories of personal data related to racial or ethnic origin, political opinions, religious or philosophical beliefs, health status, or intimate life.
4.4 The Operator does not process biometric personal data.
4.5 The Operator does not carry out cross-border transfer of personal data.
5. Order and Conditions of Personal Data Processing.
5.1. The processing of personal data is carried out by the Operator in accordance with the requirements of the legislation.
5.2. The processing of personal data is carried out with the consent of the personal data subjects for the processing of their personal data.
5.3. The Operator performs both automated and non-automated processing of personal data.
5.4. Employees of the Operator whose job responsibilities include the processing of personal data are allowed to process personal data.
5.5. The disclosure, provision to third parties, and dissemination of personal data without the consent of the personal data subject are not allowed.
5.6. The Operator takes necessary legal, organizational, and technical measures to protect personal data from unauthorized or accidental access, destruction, alteration, blocking, dissemination, and other unauthorized actions, including:
Identifying threats to the security of personal data during their processing;
Adopting local regulations and other documents regulating relationships in the field of processing and protecting personal data;
Creating necessary conditions for working with personal data;
Organizing document accounting containing personal data;
Organizing work with information systems processing personal data;
Storing personal data under conditions ensuring their safety and preventing unauthorized access.
5.7. The Operator stores personal data in a form that allows identifying the personal data subject for no longer than the purposes of processing personal data require.
6. Storage Procedure and Terms for Personal Data.
6.1. The Operator only carries out the storage of personal data of Users on the Site.
6.2. The retention period for personal data of users begins from the moment of giving consent for the processing of personal data, obtained through the acceptance of the offer, which does not require bilateral signing and is valid in electronic form. It continues until the user expresses a desire to delete their personal data from the site.
6.3. In the event of data deletion from the site at the initiative of one of the parties, namely the cessation of site usage, the users personal data is stored in the Operators databases for five years.
6.4. Upon the expiration of the aforementioned storage period, the users personal data is automatically deleted by the algorithm set by the Operator.
6.5 The Operator does not process the personal data of Users on paper-based media.
7. Deletion and destruction of personal data.
7.1. Upon achieving the purposes of personal data processing, as well as in the event of the data subjects withdrawal of consent for their processing, personal data shall be subject to destruction if:
Otherwise is not provided by the contract, where the data subject is a party, beneficiary, or surety;
The operator is not entitled to process the data without the consent of the data subject;
unless otherwise provided by another agreement between the Operator and the data subject.
7.2. The data subject has the right to request the destruction of their personal data in writing if the personal data is incomplete, outdated, inaccurate, unlawfully obtained, or unnecessary for the stated processing purpose.
7.3. If it is not possible to destroy personal data, the Operator shall block such personal data.
7.4. Destruction of personal data is carried out by erasing information using certified software with guaranteed destruction (in accordance with specified characteristics for the installed software with guaranteed destruction).
8. These are the concluding provisions.
8.1. Control over compliance with the requirements of this Policy is carried out by the authorized person responsible for organizing the processing of personal data at the Operator.
8.2. The terms of the Policy are established, amended, and canceled by the Operator unilaterally without prior notice to the User. From the moment of posting a new version of the Policy on the website, the previous version is considered void. In the case of a significant change in the terms of the Policy, the Operator notifies users by posting a corresponding message on the website.
8.3. The unconditional acceptance (acceptance) of the terms of this policy is considered the fact of the user submitting an application on the fchange.org website and agreeing to the processing of their personal data.
Consent to the processing of personal data, obtained through the acceptance of this offer, does not require bilateral signing and is valid in electronic form.
8.4. If the User does not agree with the terms of this Policy, they must immediately delete their profile from the site or inform the Operator of their disagreement. Otherwise, the continued use of the site by the User signifies their agreement with the terms of this Policy.
8.5. The current Policy regarding the processing of personal data of site users is posted on the page at the following address: https://fchange.org/privacy-policy/