Personal Data Processing Policy
1. General Provisions
This Personal Data Processing Policy is prepared in accordance with the requirements of the Federal Law No. 152-FZ dated July 27, 2006, “On Personal Data” (hereinafter referred to as the “Personal Data Law”) and defines the procedures for processing personal data and the security measures implemented by LLC “NPP Sofit” (hereinafter referred to as the “Operator”).
1.1. The Operator considers it a primary objective and condition of its activities to uphold the rights and freedoms of individuals and citizens in the processing of their personal data, including the protection of the right to privacy, personal and family secrecy.
1.2. This Policy of the Operator regarding personal data processing (hereinafter referred to as the “Policy”) applies to all information that the Operator may obtain about visitors of the website https://lesohimiya.ru/en .
2. Key Terms Used in This Policy
2.1. Automated processing of personal data — processing of personal data using computing equipment.
2.2. Blocking of personal data — temporary suspension of personal data processing (except in cases where processing is necessary to clarify personal data).
2.3. Website — a collection of graphical and informational materials, as well as computer programs and databases, ensuring access to them via the internet at the address https://lesohimiya.ru/en .
2.4. Personal data information system — a combination of personal data stored in databases and the information technologies and technical means ensuring their processing.
2.5. Anonymization of personal data — actions that make it impossible to identify a specific data subject without additional information.
2.6. Processing of personal data — any action (operation) or set of actions (operations) performed with personal data, whether or not using automated means, including collection, recording, systematization, accumulation, storage, clarification (updating, modification), extraction, use, transmission (distribution, provision, access), anonymization, blocking, deletion, and destruction of personal data.
2.7. Operator — a state authority, municipal authority, legal entity, or individual who independently or jointly with others organizes and/or carries out the processing of personal data, and determines the purposes of processing, the composition of personal data to be processed, and the operations performed with such data.
2.8. Personal data — any information relating directly or indirectly to a specific or identifiable visitor of the website https://lesohimiya.ru/en.
2.9. Personal data permitted for dissemination by the data subject — personal data to which an unlimited circle of persons is granted access by the data subject through consent to processing, as provided for by the Personal Data Law (hereinafter referred to as “personal data permitted for dissemination”).
2.10. User — any visitor of the website https://lesohimiya.ru/en.
2.11. Provision of personal data — actions aimed at disclosing personal data to a specific person or group of persons.
2.12. Dissemination of personal data — any actions aimed at disclosing personal data to an undefined circle of persons (transfer of personal data) or making personal data accessible to an unlimited circle of persons, including publication in mass media, placement in information and telecommunication networks, or any other means of access.
2.13. Cross-border transfer of personal data — transfer of personal data to a foreign state authority, foreign individual, or foreign legal entity.
2.14. Destruction of personal data — any actions resulting in the irreversible destruction of personal data, making restoration of their content in the personal data information system and/or destruction of physical media containing such data impossible.
3. Main Rights and Obligations of the Operator
3.1. The Operator has the right to: — Obtain from the data subject reliable information and/or documents containing personal data; — In the event of withdrawal of consent by the data subject for processing personal data or submission of a request to cease processing, the Operator may continue processing personal data without consent if grounds exist as specified in the Personal Data Law; — Independently determine the composition and list of measures necessary and sufficient to fulfill obligations under the Personal Data Law and related regulatory acts, unless otherwise provided by the Personal Data Law or other federal laws.
3.2. The Operator is obligated to: — Provide the data subject, upon request, information regarding the processing of their personal data; — Organize personal data processing in accordance with applicable Russian legislation; — Respond to requests and inquiries from data subjects and their authorized representatives in accordance with the requirements of the Personal Data Law; — Provide the authorized body for the protection of data subjects’ rights with required information within 10 days of receiving such a request; — Publish or otherwise ensure unrestricted access to this Personal Data Processing Policy; — Implement legal, organizational, and technical measures to protect personal data against unlawful or accidental access, destruction, modification, blocking, copying, provision, dissemination, and other unlawful actions; — Cease transmission (dissemination, provision, access), processing, and destroy personal data in accordance with the procedures and cases provided for by the Personal Data Law; — Perform other obligations stipulated by the Personal Data Law.
4. Main Rights and Obligations of Data Subjects
4.1. Data subjects have the right to: — Receive information regarding the processing of their personal data, except in cases provided for by federal laws. Information shall be provided in an accessible format and shall not contain personal data relating to other data subjects, except where legal grounds exist for disclosure. The list of information and procedures for obtaining it are established by the Personal Data Law; — Request the Operator to correct, block, or delete personal data if such data are incomplete, outdated, inaccurate, unlawfully obtained, or unnecessary for the stated processing purpose, and to take measures provided by law to protect their rights; — Require prior consent for processing personal data for marketing purposes; — Withdraw consent for processing personal data and submit a request to cease processing; — File a complaint with the authorized body for the protection of data subjects’ rights or in court regarding unlawful actions or inaction by the Operator in processing their personal data; — Exercise other rights provided by Russian legislation.
4.2. Data subjects are obligated to: — Provide the Operator with accurate information about themselves; — Notify the Operator of any updates, corrections, or changes to their personal data.
4.3. Individuals who provide the Operator with inaccurate information about themselves or about another data subject without the latter’s consent bear responsibility in accordance with Russian legislation.
5. Principles of Personal Data Processing
5.1. Personal data processing shall be lawful and fair.
5.2. Processing of personal data shall be limited to achieving specific, clearly defined, and lawful purposes. Processing incompatible with the original purposes of collection is prohibited.
5.3. Databases containing personal data processed for incompatible purposes shall not be combined.
5.4. Only personal data necessary for achieving the purposes of processing shall be subject to processing.
5.5. The content and volume of processed personal data shall correspond to the stated purposes. Excessive data processing is prohibited.
5.6. Accuracy, sufficiency, and, where necessary, relevance of personal data shall be ensured with respect to the processing purposes. The Operator shall take necessary measures to delete or correct incomplete or inaccurate data.
5.7. Personal data shall be stored in a form permitting identification of the data subject for no longer than necessary for the purposes of processing, unless otherwise provided by federal law, contract, or agreement where the data subject is a party, beneficiary, or guarantor. Personal data shall be destroyed or anonymized upon achievement of the processing purposes or when such data are no longer necessary, unless otherwise required by federal law.
6. Purposes of Personal Data Processing
Purpose of Processing:
Personal data (full name, email, phone number) are collected and processed for the purpose of informing clients about the Company’s products, services, promotions, and news via email, telephone calls, SMS messages, and messaging platforms, as well as for fulfilling contractual obligations.
Personal Data Collected:
Consent of the data subject
Types of Processing:
Collection, recording, systematization, accumulation, storage, destruction, and anonymization of personal data
7. Conditions for Processing Personal Data
7.1. Processing of personal data is carried out with the consent of the data subject.
7.2. Processing is necessary to fulfill obligations under international treaties of the Russian Federation or federal laws, or to perform functions, powers, and duties assigned to the Operator by Russian law.
7.3. Processing is necessary for the administration of justice, execution of court decisions, or other legally binding acts.
7.4. Processing is necessary for the performance of a contract to which the data subject is a party, beneficiary, or guarantor, or for entering into a contract initiated by the data subject or under which the data subject will be a beneficiary or guarantor.
7.5. Processing is necessary to protect the legitimate interests of the Operator or third parties, or to achieve socially significant goals, provided that the rights and freedoms of the data subject are not violated.
7.6. Processing is carried out on personal data to which the data subject has granted unrestricted public access or upon their request (hereinafter referred to as “publicly available personal data”).
7.7. Processing is carried out on personal data that must be published or disclosed as required by federal law.
8. Procedures for Collection, Storage, Transmission, and Other Types of Processing
The security of personal data processed by the Operator is ensured through the implementation of legal, organizational, and technical measures necessary to fully comply with applicable personal data protection legislation.
8.1. The Operator ensures the confidentiality of personal data and takes all reasonable measures to prevent unauthorized access.
8.2. The personal data of Users shall never be transferred to third parties, except in cases required by applicable law or when the data subject has given explicit consent for transfer to a third party for the performance of civil-law obligations.
8.3. If inaccuracies in personal data are identified, the User may update them independently by sending a notification to the Operator’s email address: sofit-nn@yandex.ru with the subject “Personal Data Update”.
8.4. The period of personal data processing is determined by the achievement of the purposes for which the data were collected, unless otherwise specified by contract or applicable law.
The User may withdraw consent for processing at any time by sending a notification to the Operator’s email address: sofit-nn@yandex.ru with the subject “Withdrawal of Consent for Personal Data Processing”.
8.5. All information collected by third-party services, including payment systems, communication tools, and other service providers, is stored and processed by such entities in accordance with their own Terms of Service and Privacy Policies. The Operator bears no responsibility for the actions of such third parties.
8.6. Restrictions imposed by the data subject on the transfer (except for access), processing, or conditions of processing of personal data permitted for dissemination shall not apply in cases of processing for state, public, or other public interests as defined by Russian law.
8.7. The Operator ensures the confidentiality of personal data during processing.
8.8. Personal data are stored in a form allowing identification of the data subject for no longer than necessary for the purposes of processing, unless otherwise required by federal law, contract, or agreement where the data subject is a party, beneficiary, or guarantor.
8.9. Termination of personal data processing may occur upon achievement of processing purposes, expiration of consent, withdrawal of consent, request to cease processing, or detection of unlawful processing.
9. List of Operations Performed by the Operator on Personal Data
9.1. The Operator performs collection, recording, systematization, accumulation, storage, clarification (updating, modification), extraction, use, transmission (distribution, provision, access), anonymization, blocking, deletion, and destruction of personal data.
9.2. The Operator performs automated processing of personal data, with or without transmission of information via information and telecommunication networks.
10. Cross-Border Transfer of Personal Data
10.1. Prior to initiating cross-border transfer of personal data, the Operator shall notify the authorized body for the protection of data subjects’ rights of its intention to carry out such transfer (this notification shall be submitted separately from the notification regarding general processing activities).
10.2. Prior to submitting the above notification, the Operator shall obtain relevant information from the authorities, individuals, or legal entities of foreign states to whom cross-border transfer is planned.
11. Confidentiality of Personal Data
The Operator and any other persons granted access to personal data are obligated not to disclose or disseminate personal data to third parties without the consent of the data subject, unless otherwise provided by federal law.
12. Final Provisions
12.1. Users may obtain any clarifications regarding the processing of their personal data by contacting the Operator via email at sofit-nn@yandex.ru .
12.2. Any changes to the Personal Data Processing Policy by the Operator will be reflected in this document. The Policy remains in effect indefinitely until replaced by a new version.
12.3. The current version of the Policy is freely accessible on the Internet at: https://lesohimiya.ru/personal-data-processing-policy/en.
1. General Provisions
This Personal Data Processing Policy is prepared in accordance with the requirements of the Federal Law No. 152-FZ dated July 27, 2006, “On Personal Data” (hereinafter referred to as the “Personal Data Law”) and defines the procedures for processing personal data and the security measures implemented by LLC “NPP Sofit” (hereinafter referred to as the “Operator”).
1.1. The Operator considers it a primary objective and condition of its activities to uphold the rights and freedoms of individuals and citizens in the processing of their personal data, including the protection of the right to privacy, personal and family secrecy.
1.2. This Policy of the Operator regarding personal data processing (hereinafter referred to as the “Policy”) applies to all information that the Operator may obtain about visitors of the website https://lesohimiya.ru/en .
2. Key Terms Used in This Policy
2.1. Automated processing of personal data — processing of personal data using computing equipment.
2.2. Blocking of personal data — temporary suspension of personal data processing (except in cases where processing is necessary to clarify personal data).
2.3. Website — a collection of graphical and informational materials, as well as computer programs and databases, ensuring access to them via the internet at the address https://lesohimiya.ru/en .
2.4. Personal data information system — a combination of personal data stored in databases and the information technologies and technical means ensuring their processing.
2.5. Anonymization of personal data — actions that make it impossible to identify a specific data subject without additional information.
2.6. Processing of personal data — any action (operation) or set of actions (operations) performed with personal data, whether or not using automated means, including collection, recording, systematization, accumulation, storage, clarification (updating, modification), extraction, use, transmission (distribution, provision, access), anonymization, blocking, deletion, and destruction of personal data.
2.7. Operator — a state authority, municipal authority, legal entity, or individual who independently or jointly with others organizes and/or carries out the processing of personal data, and determines the purposes of processing, the composition of personal data to be processed, and the operations performed with such data.
2.8. Personal data — any information relating directly or indirectly to a specific or identifiable visitor of the website https://lesohimiya.ru/en.
2.9. Personal data permitted for dissemination by the data subject — personal data to which an unlimited circle of persons is granted access by the data subject through consent to processing, as provided for by the Personal Data Law (hereinafter referred to as “personal data permitted for dissemination”).
2.10. User — any visitor of the website https://lesohimiya.ru/en.
2.11. Provision of personal data — actions aimed at disclosing personal data to a specific person or group of persons.
2.12. Dissemination of personal data — any actions aimed at disclosing personal data to an undefined circle of persons (transfer of personal data) or making personal data accessible to an unlimited circle of persons, including publication in mass media, placement in information and telecommunication networks, or any other means of access.
2.13. Cross-border transfer of personal data — transfer of personal data to a foreign state authority, foreign individual, or foreign legal entity.
2.14. Destruction of personal data — any actions resulting in the irreversible destruction of personal data, making restoration of their content in the personal data information system and/or destruction of physical media containing such data impossible.
3. Main Rights and Obligations of the Operator
3.1. The Operator has the right to: — Obtain from the data subject reliable information and/or documents containing personal data; — In the event of withdrawal of consent by the data subject for processing personal data or submission of a request to cease processing, the Operator may continue processing personal data without consent if grounds exist as specified in the Personal Data Law; — Independently determine the composition and list of measures necessary and sufficient to fulfill obligations under the Personal Data Law and related regulatory acts, unless otherwise provided by the Personal Data Law or other federal laws.
3.2. The Operator is obligated to: — Provide the data subject, upon request, information regarding the processing of their personal data; — Organize personal data processing in accordance with applicable Russian legislation; — Respond to requests and inquiries from data subjects and their authorized representatives in accordance with the requirements of the Personal Data Law; — Provide the authorized body for the protection of data subjects’ rights with required information within 10 days of receiving such a request; — Publish or otherwise ensure unrestricted access to this Personal Data Processing Policy; — Implement legal, organizational, and technical measures to protect personal data against unlawful or accidental access, destruction, modification, blocking, copying, provision, dissemination, and other unlawful actions; — Cease transmission (dissemination, provision, access), processing, and destroy personal data in accordance with the procedures and cases provided for by the Personal Data Law; — Perform other obligations stipulated by the Personal Data Law.
4. Main Rights and Obligations of Data Subjects
4.1. Data subjects have the right to: — Receive information regarding the processing of their personal data, except in cases provided for by federal laws. Information shall be provided in an accessible format and shall not contain personal data relating to other data subjects, except where legal grounds exist for disclosure. The list of information and procedures for obtaining it are established by the Personal Data Law; — Request the Operator to correct, block, or delete personal data if such data are incomplete, outdated, inaccurate, unlawfully obtained, or unnecessary for the stated processing purpose, and to take measures provided by law to protect their rights; — Require prior consent for processing personal data for marketing purposes; — Withdraw consent for processing personal data and submit a request to cease processing; — File a complaint with the authorized body for the protection of data subjects’ rights or in court regarding unlawful actions or inaction by the Operator in processing their personal data; — Exercise other rights provided by Russian legislation.
4.2. Data subjects are obligated to: — Provide the Operator with accurate information about themselves; — Notify the Operator of any updates, corrections, or changes to their personal data.
4.3. Individuals who provide the Operator with inaccurate information about themselves or about another data subject without the latter’s consent bear responsibility in accordance with Russian legislation.
5. Principles of Personal Data Processing
5.1. Personal data processing shall be lawful and fair.
5.2. Processing of personal data shall be limited to achieving specific, clearly defined, and lawful purposes. Processing incompatible with the original purposes of collection is prohibited.
5.3. Databases containing personal data processed for incompatible purposes shall not be combined.
5.4. Only personal data necessary for achieving the purposes of processing shall be subject to processing.
5.5. The content and volume of processed personal data shall correspond to the stated purposes. Excessive data processing is prohibited.
5.6. Accuracy, sufficiency, and, where necessary, relevance of personal data shall be ensured with respect to the processing purposes. The Operator shall take necessary measures to delete or correct incomplete or inaccurate data.
5.7. Personal data shall be stored in a form permitting identification of the data subject for no longer than necessary for the purposes of processing, unless otherwise provided by federal law, contract, or agreement where the data subject is a party, beneficiary, or guarantor. Personal data shall be destroyed or anonymized upon achievement of the processing purposes or when such data are no longer necessary, unless otherwise required by federal law.
6. Purposes of Personal Data Processing
Purpose of Processing:
Personal data (full name, email, phone number) are collected and processed for the purpose of informing clients about the Company’s products, services, promotions, and news via email, telephone calls, SMS messages, and messaging platforms, as well as for fulfilling contractual obligations.
Personal Data Collected:
- Surname, first name, patronymic
- Email address
- Phone numbers
Consent of the data subject
Types of Processing:
Collection, recording, systematization, accumulation, storage, destruction, and anonymization of personal data
7. Conditions for Processing Personal Data
7.1. Processing of personal data is carried out with the consent of the data subject.
7.2. Processing is necessary to fulfill obligations under international treaties of the Russian Federation or federal laws, or to perform functions, powers, and duties assigned to the Operator by Russian law.
7.3. Processing is necessary for the administration of justice, execution of court decisions, or other legally binding acts.
7.4. Processing is necessary for the performance of a contract to which the data subject is a party, beneficiary, or guarantor, or for entering into a contract initiated by the data subject or under which the data subject will be a beneficiary or guarantor.
7.5. Processing is necessary to protect the legitimate interests of the Operator or third parties, or to achieve socially significant goals, provided that the rights and freedoms of the data subject are not violated.
7.6. Processing is carried out on personal data to which the data subject has granted unrestricted public access or upon their request (hereinafter referred to as “publicly available personal data”).
7.7. Processing is carried out on personal data that must be published or disclosed as required by federal law.
8. Procedures for Collection, Storage, Transmission, and Other Types of Processing
The security of personal data processed by the Operator is ensured through the implementation of legal, organizational, and technical measures necessary to fully comply with applicable personal data protection legislation.
8.1. The Operator ensures the confidentiality of personal data and takes all reasonable measures to prevent unauthorized access.
8.2. The personal data of Users shall never be transferred to third parties, except in cases required by applicable law or when the data subject has given explicit consent for transfer to a third party for the performance of civil-law obligations.
8.3. If inaccuracies in personal data are identified, the User may update them independently by sending a notification to the Operator’s email address: sofit-nn@yandex.ru with the subject “Personal Data Update”.
8.4. The period of personal data processing is determined by the achievement of the purposes for which the data were collected, unless otherwise specified by contract or applicable law.
The User may withdraw consent for processing at any time by sending a notification to the Operator’s email address: sofit-nn@yandex.ru with the subject “Withdrawal of Consent for Personal Data Processing”.
8.5. All information collected by third-party services, including payment systems, communication tools, and other service providers, is stored and processed by such entities in accordance with their own Terms of Service and Privacy Policies. The Operator bears no responsibility for the actions of such third parties.
8.6. Restrictions imposed by the data subject on the transfer (except for access), processing, or conditions of processing of personal data permitted for dissemination shall not apply in cases of processing for state, public, or other public interests as defined by Russian law.
8.7. The Operator ensures the confidentiality of personal data during processing.
8.8. Personal data are stored in a form allowing identification of the data subject for no longer than necessary for the purposes of processing, unless otherwise required by federal law, contract, or agreement where the data subject is a party, beneficiary, or guarantor.
8.9. Termination of personal data processing may occur upon achievement of processing purposes, expiration of consent, withdrawal of consent, request to cease processing, or detection of unlawful processing.
9. List of Operations Performed by the Operator on Personal Data
9.1. The Operator performs collection, recording, systematization, accumulation, storage, clarification (updating, modification), extraction, use, transmission (distribution, provision, access), anonymization, blocking, deletion, and destruction of personal data.
9.2. The Operator performs automated processing of personal data, with or without transmission of information via information and telecommunication networks.
10. Cross-Border Transfer of Personal Data
10.1. Prior to initiating cross-border transfer of personal data, the Operator shall notify the authorized body for the protection of data subjects’ rights of its intention to carry out such transfer (this notification shall be submitted separately from the notification regarding general processing activities).
10.2. Prior to submitting the above notification, the Operator shall obtain relevant information from the authorities, individuals, or legal entities of foreign states to whom cross-border transfer is planned.
11. Confidentiality of Personal Data
The Operator and any other persons granted access to personal data are obligated not to disclose or disseminate personal data to third parties without the consent of the data subject, unless otherwise provided by federal law.
12. Final Provisions
12.1. Users may obtain any clarifications regarding the processing of their personal data by contacting the Operator via email at sofit-nn@yandex.ru .
12.2. Any changes to the Personal Data Processing Policy by the Operator will be reflected in this document. The Policy remains in effect indefinitely until replaced by a new version.
12.3. The current version of the Policy is freely accessible on the Internet at: https://lesohimiya.ru/personal-data-processing-policy/en.
411 Vostochny Industrial Zone, Dzerzhinsk, Nizhny Novgorod Oblast, Russia
To ensure the correct operation of the website, personalize content, and analyze the effectiveness of our solutions, we use cookies. This helps us quickly locate the products, technical specifications, and documentation you need. For more details, please see our Privacy Policy.
By continuing to use the site, you agree to the use of cookies.
By continuing to use the site, you agree to the use of cookies.