Make a request
Personal Data Processing Policy
Introduction
  • The most important condition for realization of the goals of Many to Many LLC activity (hereinafter referred to as the Operator) is ensuring the necessary and sufficient level of information security of information, which includes personal data.
  • The Policy with regard to treatment of personal data of the Operator (hereinafter referred to as the "Policy") determines the procedure of collection, storage, transfer, and other types of treatment of personal data, as well as information about requirements for protection of personal data being implemented.
  • This Policy has been developed in accordance with the applicable laws of the Russian Federation.
Composition of personal data
  • Details constituting personal data are any information relating to a directly or indirectly defined or identifiable individual (the subject of personal data). A detailed list of personal data is recorded in the Operator’s local regulatory documents.
  • All personal data processed by the Operator is confidential, strictly protected information in accordance with the law.
Purposes of personal data processing
  • Personal data is processed by the Operator in order to: organize and conduct by the Operator (including with the involvement of third parties) loyalty programs, marketing and/or advertising campaigns, research, surveys, and other activities; fulfill obligations under the service contract; provide other services to the subjects of personal data; promote services and/or goods of the Operator and/or the Operator’s partners in the market by direct contacts with the Operator’s customers by various means of communication, including, but not limited to, telephone, e-mail, postal mailing, Internet, etc.; for other purposes, if the Operator’s actions are not contrary to applicable law.
  • The Operator processes the following personal data in order to properly perform its duties as Operator: Last Name, First Name, Patronymic, contact telephone number, e-mail address; and, if necessary, city and country of residence.
Procedure for the collection, storage, transmission and other types of processing of personal data
  • Processing of personal data carried out without the use of automation means shall be carried out in such a way that in relation to each category of personal data it is possible to determine the places of storage of personal data (physical carriers). The operator has created a list of individuals who process or have access to personal data. Separate storage of personal data (physical carriers) processed for different purposes is ensured. The Operator ensures the safety of personal data and takes measures to prevent unauthorized access to personal data.
  • Processing of personal data carried out with the use of automation tools is subject to the following actions: The operator implements technical measures to prevent unauthorized access to personal data and (or) its transfer to persons not authorized to access such information; security tools are adjusted for timely detection of facts of unauthorized access to personal data; technical means of automated processing of personal data are isolated to avoid impact on them, which may result in disruption of their operation; The Operator makes backup copies of data in order to be able to immediately restore personal data modified or destroyed as a result of unauthorized access to it; continuously monitors the level of protection of personal data.
Information about the implemented requirements for the protection of personal data
  • The Operator performs the following activities: determines the threats to the security of personal data during their processing, forms a threat model based on them; develops a threat model-based personal data protection system that provides neutralization of suspected threats using the techniques and methods of personal data protection provided for the relevant class of information systems; develops a plan for inspecting the readiness of new information protection tools for use and drawing conclusions on their operation; installs and activates information security tools in accordance with operational and technical documentation; keeps records of used information protection means, the operational and technical documentation for them, and personal data carriers; keeps records of persons admitted to work with personal data in information systems; monitors compliance with conditions for use of information protection means provided for in the operational and technical documentation; a description of the protection system;
  • In order to develop and implement specific measures to ensure the security of personal data during its processing in the information system, the Operator or an authorized person is responsible for the Operator’s information technology division. Persons whose access to personal data processed in the information system is necessary for the performance of official (work) duties shall be allowed to access relevant personal data based on the list approved by the Operator. Requests of users of the information system to obtain personal data, as well as facts about the provision of personal data on such requests, shall be registered by automated means of the information system in the electronic log of requests. The contents of the electronic log of requests shall be periodically checked by the relevant officials (employees) of the Operator or an authorized person. If any violations of the procedure for providing personal data are discovered, the Operator or an authorized person shall immediately suspend the provision of personal data to users of the information system until the reasons for such violations are identified and eliminated.
Rights and obligations of the Operator
The Operator of personal data has the right to:
  • defend its interests in court;
  • provide the subjects' personal data to third parties if it is stipulated by the legislation in force (tax, law enforcement authorities, etc.);
  • refuse to provide personal data in cases provided by the law;
  • to use the subject’s personal data without his or her consent in cases provided by the legislation.
Rights and obligations of the subject of personal data
The subject of personal data has the right to:
  • demand clarification of his or her personal data, their blocking or destruction in case the personal data is incomplete, outdated, unreliable, illegally obtained, or not necessary for the stated purpose of processing, as well as to take statutory measures to protect his or her rights;
  • demand a list of his or her personal data, processed by the Operator and the source of its receipt; receive information about the terms of the processing of his or her personal data, including the terms of its storage;
  • demand to notify all persons, to whom his/her personal data was earlier communicated incorrectly or incompletely, about all exceptions, corrections, or additions made to it;
  • appeal to the authority responsible for the protection of the rights of subjects of personal data or in court against unlawful acts or omissions in the processing of his personal data;
  • In court, he must defend his rights and legitimate interests, including compensation for losses and (or) compensation for moral harm.
Cookie Policy
  • This section is part of the Privacy Policy and describes the use of cookies on JUG RU Group websites.
  • Cookies are used on the Operator’s websites to improve the quality of visitor interaction with these websites, allowing websites to "remember" visitors for their first or repeat visits. In some cases, cookies are used to personalize information on websites based on visitors' locations and/or website visit preferences.
  • The operator uses cookies that are necessary for visitors to move around the site or for certain basic functions to work. Cookies are used to improve the functionality of the website, for example, by storing the visitor’s preferences. The operator also uses cookies to improve the performance of its websites and the quality of visitors' interactions with them.
  • To avoid ambiguity: the Operator does not use cookies to collect personally identifiable information from visitors.
  • The following cookies may be used when you visit the Operator’s websites:
  • The site visited sets its own cookies, which can only be read by that site.
  • Third-party cookies are set by other entities whose services are used by the Operator. For example, the Operator uses third-party analytics services, and the providers of these services set cookies on behalf of the Operator to tell the Operator which sections on the Operator’s websites are popular and which are not. The Operator’s sites may contain material downloaded from, for example, YouTube, and such third-party sites may set their own cookies.
  • If a visitor does not want to receive cookies, they can set their browser to receive a notification each time they send a cookie, or reject all cookies. You can also delete existing cookies.
  • If a visitor wants to limit or block the cookies placed on their device, they can do so through the browser settings according to the help instructions of that browser. Instructions on how to do this in the browser of a mobile device should be given in the manual of that device.
  • The Operator’s websites may contain links to other sites that are outside the Operator’s control and jurisdiction under this policy. Operators of these sites may collect information about visitors and use it in accordance with their policies, which may differ from those of the Operator.
  • The Operator reserves the right to change and/or update this policy at any time.
Final Provisions
  • This Policy is subject to change, amendment in the case of new legislative acts, and special regulatory documents on the processing and protection of personal data.
  • This Policy is an internal document of the Operator and is subject to placement on the Operator’s websites.
  • Control over the execution of the requirements of this Policy shall be carried out by the person responsible for ensuring the security of personal data at the Operator.