Personal Data Processing Policy

General provisions

This personal data processing policy has been drawn up in accordance with the requirements of Federal Law No. 152-FZ "On Personal Data" as of July 27, 2006 (the "Personal Data Law") and determines the procedure for processing personal data and measures to ensure security of personal data taken by TEQTUM RUS (the "Operator").

1.1.  The operator sets the observance of human and civil rights and freedoms when processing personal data, including the protection of the right to personal and family privacy as its most important goal and condition of its operation.

1.2.  This Operator's policy regarding the processing of personal data (the "Policy") shall apply to all information about visitors of the website https://teqtum.lv that the Operator can obtain.

Basic terms used in the policy

2.1.  Automated processing of personal data shall mean processing of personal data using computer technologies.

2.2.  Blocking of personal data shall mean temporary suspension of the processing of personal data (unless the processing is needed to clarify personal data).

2.3.  Website shall mean a set of graphic and information materials, as well as computer programs and databases ensuring their availability on the Internet at the network address https://teqtum.lv.

2.4.  Information system of personal data shall mean a set of personal data contained in databases and information technologies and technical means ensuring their processing.

2.5. Depersonalization of personal data shall mean actions as a result of which it is impossible to determine, without the use of additional information, the belonging of personal data to a certain User or another subject of personal data.

2.6. Processing of personal data shall mean any action (operation) or a set of actions (operations) performed with personal data using automation tools or without using such tools, including collection, recording, systematization, accumulation, storage, clarification (update, change), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, and destruction of personal data.

2.7. Operator shall mean a state body, municipal body, legal entity or individual independently or jointly with other persons organizing and (or) carrying out the processing of personal data, as well as determining the purposes of processing personal data, the composition of personal data to be processed, and actions (operations) performed with personal data.

2.8. Personal data shall mean any information relating directly or indirectly to a certain or definable User of the website https://teqtum.lv.

2.9. Personal data permitted by the subject of personal data for distribution shall mean personal data access of an unlimited number of persons to which is provided by the subject of personal data by giving consent to processing of personal data permitted by the subject of personal data for distribution in the manner prescribed by the Personal Data Law (the "personal data permitted for distribution").

2.10. User shall mean any visitor to the website https://teqtum.lv.

2.11. Provision of personal data shall mean actions aimed at disclosing personal data to a certain person or a certain group of persons.

2.12. Distribution of personal data shall mean any actions aimed at disclosing personal data to an indefinite group of persons (transfer of personal data) or at familiarization with personal data of an unlimited group of persons, including disclosure of personal data in mass media, posting in information and telecommunication networks or provision of access to personal data in any other way.

2.13. Cross-border transfer of personal data shall mean the transfer of personal data to the territory of a foreign state to a foreign authority, foreign individual or foreign legal entity.

2.14. Destruction of personal data shall mean any actions as a result of which personal data are destroyed irrevocably without the possibility of further recovery of the content of personal data in the personal data information system and (or) material media carrying personal data are destroyed.

Main rights and obligations of the Operator

3.1. The Operator is entitled to:

– obtain from the subject of personal data reliable information and/or documents containing personal data;

– if the subject of personal data withdraws a consent to the processing of personal data, the Operator may continue processing personal data without the consent of the subject of personal data in the event there being cause specified in the Personal Data Law;

– independently determine the composition and list of measures required and sufficient to ensure the fulfillment of obligations prescribed by the Personal Data Law and regulatory legal acts adopted in accordance with it, unless otherwise provided by the Personal Data Law or other federal laws.

3.2. The Operator shall:

– provide the subject of personal data, upon request, with the information regarding the processing of the corresponding personal data;

– organize the processing of personal data in the manner prescribed by the current legislation of the Russian Federation;

– respond to requests and inquiries from subjects of personal data and their legal representatives in accordance with the requirements of the Personal Data Law;

– provide the authorized body for the protection of the rights of subjects of personal data upon request with the necessary information within 30 days from the date of receipt of such a request;

– publish or otherwise provide unrestricted access to this Policy in relation to the processing of personal data;

– take legal, organizational and technical measures to protect personal data from unauthorized or accidental access, destruction, alteration, blocking, copying, provision, and distribution of personal data, as well as from other illegal actions in relation to personal data;

– stop the transfer (distribution, provision, access) of personal data, cease processing and destroy personal data in the manner and in cases provided for by the Personal Data Law;

– perform other duties established by the Personal Data Law.

Main rights and obligations of personal data subjects

4.1. Personal data subjects are entitled to:

– obtain information regarding the processing of their personal data, except for cases stipulated by federal laws. The information shall be provided to the subject of personal data by the Operator in an intelligible form, and it shall not contain personal data relating to other subjects of personal data, unless there are legal grounds for disclosing such personal data. The list of information materials and the procedure for obtaining them is established by the Personal Data Law;

– demand from the Operator to clarify their personal data, block or destroy it if the personal data is incomplete, outdated, inaccurate, illegally obtained or not necessary for the stated purpose of processing, as well as take measures provided by law to protect their rights;

– bring forward a condition of prior consent when processing personal data in order to promote goods, works and services in the market;

– withdraw consent to process personal data;

– appeal to the authorized body or in court for the protection of rights of personal data subjects against illegal actions or inaction of the Operator when processing their personal data;

– exercise other rights stipulated by the legislation of the Russian Federation.

4.2. Personal data subjects shall:

– provide the Operator with personal reliable data;

– inform the Operator about the clarification (update, change) of their personal data.

4.3. Persons who have transferred false personal information about to the Operator, or information about another subject of personal data without the consent of the latter, shall be liable in accordance with the legislation of the Russian Federation.

The Operator may process the following personal data of the User

5.1. Surname, first name and patronymic.

5.2. E-mail address.

5.3. Phone numbers.

5.4. Region of presence.

5.5. The website also collects and processes anonymized data on visitors (including cookies) using Internet statistics services (Yandex.Metrica and Google Analytics, etc.).

5.6. The above data are hereinafter referred to as the "Personal Data" in this Policy.

5.7. The processing of special categories of personal data concerning race, nationality, political views, religious or philosophical beliefs, or intimacy is not carried out by the Operator.

5.8. The processing of personal data permitted for distribution from the list of special categories of personal data specified in Part 1 of Article 10 of the Personal Data Law shall be allowed if the prohibitions and conditions provided for in Article 10.1 of the Personal Data Law are complied with.

5.9. The User's consent to the processing of personal data permitted for distribution shall be made separately from other consents to process their personal data. In this case, the conditions set forth in Article 10.1 of the Personal Data Law shall be complied with. The requirements for such content shall be established by the authorized body for the protection of rights of personal data subjects.

5.9.1 The User shall submit the consent to the processing of personal data permitted for distribution directly to the Operator.

5.9.2 The Operator is obliged, no later than in three working days from the moment of receipt of the specified consent of the User, to publish information on the processing conditions, the existence of prohibitions and conditions for the processing of personal data permitted for the distribution by an unlimited number of persons.

5.9.3 The transfer (distribution, provision, access) of personal data permitted by the subject of personal data for distribution shall be ceased at any time at the request of the personal data subject. This requirement shall include the surname, first name, patronymic (if any), contact information (phone number, e-mail address or postal address) of the subject of personal data, as well as the list of personal data, the processing of which is subject to cessation. The personal data specified in this requirement may be processed only by the Operator it is sent to.

5.9.4 Consent to the processing of personal data permitted for distribution shall be terminated from the moment the Operator receives the request specified in clause 5.9.3 of this Policy concerning the processing of personal data.

Rules of processing personal data

6.1. The processing of personal data shall be carried out on a legitimate and equitable basis.

6.2. The processing of personal data shall be limited to the achievement of specific, predetermined and legitimate purposes. Processing of personal data that is incompatible with the purposes of collecting personal data shall not be permitted.

6.3. It is not permitted to combine databases containing personal data, the processing of which is carried out for purposes incompatible with each other.

6.4. Only personal data that meet the purposes of their processing shall be subject to processing.

6.5. The content and volume of the processed personal data shall comply with the stated purposes of processing. The redundancy of the processed personal data in relation to the stated purposes of their processing shall not be permitted.

6.6. When processing personal data, the accuracy of personal data, its sufficiency, and, if necessary, relevance in relation to the purposes of processing shall be ensured. The Operator shall take the necessary measures and/or ensure adoption of the necessary measures to delete or clarify incomplete or inaccurate data.

6.7. The storage of personal data shall be carried out in a form that makes it possible to determine the subject of personal data, no longer than the purpose of processing personal data requires, if the storage period for personal data is not established by the federal law or an agreement with the subject of personal data being a party, beneficiary or guarantor. The processed personal data shall be destroyed or depersonalized upon achievement of the processing purposes or in case there is no further need to achieve these purposes, unless otherwise provided by the federal law.

Purposes of personal data processing

7.1. The purpose of the processing of the User's personal data shall be as follows:

– informing the User by sending e-mails;

– conclusion, execution and termination of civil contracts;

– providing the User with access to services, information and/or materials on the website https://teqtum.lv;

– using of data for marketing and analytical purposes

7.2. The Operator is also entitled to send the User notifications on new products and services, special offers and various events. The User may at any time refuse to receive information messages by sending an email to the Operator at info@tq marked "Refusal of notifications about new products and services and special offers".

7.3. Anonymized data of the Users collected using Internet statistics services are used to collect information on the actions of the Users on the website and improve the quality of the website and its content.

Legal basis for the processing of personal data

8.1. The legal basis for the processing of personal data by the Operator shall be as follows:

– Federal Law No. 152-FZ "On Personal Data" as of July 27, 2006;

– federal laws, other regulations in the field of personal data protection;

– consent of the Users to the processing of their personal data and to the processing of personal data permitted for distribution.

8.2. The Operator shall process the User's personal data only if they are filled in and/or sent by the User themselves through special forms on the website https://teqtum.lv or sent to the Operator via e-mail. By filling in these forms and/or sending their personal data to the Operator, the User agrees with this Policy.

8.3. The Operator shall process anonymized data on the User if it is permitted in the settings of the User's browser (the saving of cookies and use of JavaScript technology are enabled).

8.4. The subject of personal data independently decides on the provision of their personal data and gives consent of own free will and volition and in their interest.

Terms of personal data processing

9.1. The processing of personal data shall be carried out with the consent of the subject of personal data to process their personal data.

9.2. The processing of personal data is necessary to achieve the purposes provided for by an international treaty of the Russian Federation or by law, for the implementation of the functions, powers and duties imposed by the legislation of the Russian Federation on the Operator.

9.3. The processing of personal data is necessary for the administration of justice, the execution of a judicial act, an act of another body or official, subject to execution in accordance with the legislation of the Russian Federation on enforcement proceedings.

9.4. The processing of personal data is necessary for the execution of an agreement, to which the subject of personal data is a party or beneficiary or guarantor, as well as for concluding an agreement on the initiative of the subject of personal data or an agreement under which the subject of personal data will be the beneficiary or guarantor.

9.5. The processing of personal data is necessary to exercise rights and legitimate interests of the Operator or third parties or to achieve socially significant goals, provided that this does not infringe the rights and freedoms of the subject of personal data.

9.6. Personal data access to which is provided by the subject of personal data to an unlimited group of persons or at their request (the "publicly available personal data") are processed.

9.7. Personal data subject to publication or mandatory disclosure in accordance with the federal law are processed.

The procedure for collecting, storing, transferring and other types of processing of personal data shall be as follows:

The security of personal data processed by the Operator shall be ensured through the implementation of legal, organizational and technical measures necessary to fully comply with the requirements of the current legislation in the field of personal data protection.

10.1. The Operator shall ensure the safety of personal data and take all reasonable measures to prevent access of unauthorized persons to personal data.

10.2. The User's personal data shall never and under no circumstances be transferred to third parties, except for cases related to the execution of the current legislation or if the subject of personal data has given consent to transfer data to a third party to the Operator in order to fulfill obligations under a civil contract.

10.3. If any inaccuracies in personal data are revealed, the User may update it themselves by sending a notification to the Operator at the Operator's e-mail address info@tq marked "Updating of personal data".

10.4. The period for processing personal data shall be determined by the achievement of the purposes for which the personal data have been collected, unless another period is provided for by the contract or current legislation.

The User may at any time withdraw their consent to the processing of personal data by sending a notification to the Operator via e-mail at the Operator's email address info@tq marked "Withdrawal of consent to the processing of personal data".

10.5. All information that is collected by third-party services, including payment systems, communication tools and other service providers, shall be stored and processed by the specified services (Operators) in accordance with their User Agreement and Privacy Policy. The subject of personal data and/or the User shall study these documents in a timely manner. The Operator shall not be responsible for the actions of third parties, including actions of service providers specified in this clause.

10.6. The prohibitions on transferring (except for providing access), as well as processing or processing conditions (except for gaining access) of personal data permitted for distribution established by the subject of personal data shall not apply in cases of processing personal data in state, social and other public interests determined by the Russian Federation legislation.

10.7. When processing personal data, the Operator shall ensure the confidentiality of personal data.

10.8. The Operator shall store personal data in a form that makes it possible to determine the subject of personal data, no longer than the purpose of processing personal data requires, if the storage period for personal data is not established by the federal law or an agreement to which the subject of personal data is a party, beneficiary or guarantor.

10.9. A condition for termination of the processing of personal data may be achievement of the purposes of processing personal data, expiration of the consent of the personal data subject or withdrawal of consent by the personal data subject, as well as revealing of illegal processing of personal data.

List of actions performed by the Operator with the obtained personal data

11.1. The Operator shall collect, record, systematize, accumulate, store, clarify (update, change), extract, use, transfer (distribute, provide, access), depersonalize, block, delete and destroy personal data.

11.2. The Operator shall carry out automated processing of personal data with the receipt and/or transmission of the information received via information and telecommunication networks or without such receipt or transmission.

Cross-border transfer of personal data

12.1. Before starting the cross-border transfer of personal data, the Operator shall make sure that the foreign state, to the territory of which it is suggested to transfer personal data, ensures reliable protection of the rights of subjects of personal data.

12.2. Cross-border transfer of personal data in the territory of foreign states that do not meet the above requirements may be carried out only if there is a written consent of the subject of personal data to the cross-border transfer of their personal data and/or execution of an agreement to which the subject of personal data is a party.

Confidentiality of personal data

The Operator and other persons who have gained access to personal data shall not disclose to third parties and distribute personal data without the consent of the subject of personal data, unless otherwise provided by the federal law.

Final provisions

14.1. The User may obtain any clarification on issues of interest regarding the processing of their personal data by contacting the Operator at info@tq.

14.2. This document shall reflect any and all changes in the Personal Data Processing Policy by the Operator. The Policy shall remain in force without limit of time until it is replaced with a new revision.

14.3. The most recent version of the Policy is freely available in the Internet at https://teqtum.lv/konfidencialitates-politika.