1. General ProvisionsThis Personal Data Processing Policy (the "Policy") has been prepared in accordance with Federal Law No. 152-FZ dated 27.07.2006 "On Personal Data" (the "Personal Data Law") and defines the procedure for processing personal data and the measures taken by SIMIRAM PRODUCTIONS LTD (the "Operator") to ensure the security of personal data.
1.1. The Operator’s primary goal and condition for carrying out its activities is to respect human and civil rights and freedoms when processing personal data, including the protection of the rights to privacy, personal and family secrets.
1.2. This Policy applies to all information that the Operator may obtain about visitors to the website
simiramproductions.com.
2. Basic Terms Used in this Policy2.1. Automated processing of personal data — processing of personal data using computer technology.
2.2. Blocking of personal data — temporary suspension of personal data processing (except where processing is necessary to clarify personal data).
2.3. Website — a set of graphic and information materials, as well as software and databases that ensure their availability on the Internet at
simiramproductions.com.
2.4. Personal data information system — a set of personal data contained in databases and information technologies and technical means that ensure their processing.
2.5. Anonymization of personal data — actions that make it impossible, without additional information, to identify whether personal data belong to a specific User or other personal data subject.
2.6. Processing of personal data — any action (operation) or set of actions (operations) performed with or without the use of automation with personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, modification), retrieval, use, transfer (distribution, provision, access), anonymization, blocking, deletion, destruction of personal data.
2.7. Operator — a state body, municipal body, legal entity or individual that, independently or jointly with others, organizes and/or performs personal data processing, and determines the purposes of processing, the composition of personal data to be processed, and the actions (operations) performed with personal data.
2.8. Personal data — any information relating directly or indirectly to an identified or identifiable User of
simiramproductions.com.
2.9. Personal data permitted by the subject for dissemination — personal data to which an unlimited number of persons are granted access by the personal data subject through consent for processing such data for dissemination, as provided by the Personal Data Law.
2.10. User — any visitor of
simiramproductions.com.
2.11. Provision of personal data — actions aimed at disclosing personal data to a specific person or a specific circle of persons.
2.12. Dissemination of personal data — any actions aimed at disclosing personal data to an indefinite circle of persons (transfer of personal data) or at making personal data available to an unlimited circle of persons, including publication in the media, placement in information and telecommunication networks, or providing access to personal data in any other way.
2.13. Cross-border transfer of personal data — transfer of personal data to the territory of a foreign state to a foreign state authority, a foreign individual, or a foreign legal entity.
2.14. Destruction of personal data — any actions resulting in the irrevocable destruction of personal data with no possibility of further restoring the content of personal data in the personal data information system and/or in the destruction of tangible media carrying personal data.
3. Operator’s Key Rights and Responsibilities3.1. The Operator has the right to:
— receive from the personal data subject accurate information and/or documents containing personal data;
— continue processing personal data without the subject’s consent if the subject withdraws consent or sends a demand to stop processing, where grounds specified by the Personal Data Law exist;
— independently determine the composition and list of measures necessary and sufficient to fulfill obligations under the Personal Data Law and regulations adopted pursuant thereto, unless otherwise provided by the Personal Data Law or other federal laws.
3.2. The Operator must:
— provide the personal data subject, upon request, with information concerning the processing of his/her personal data;
— organize personal data processing in accordance with current legislation;
— respond to requests from personal data subjects and their legal representatives in accordance with the Personal Data Law;
— provide, upon request of the authorized personal data protection authority, the information required within 10 days from the date of receipt of such request;
— publish or otherwise ensure unrestricted access to this Policy;
— take legal, organizational, and technical measures to protect personal data from unlawful or accidental access, destruction, modification, blocking, copying, provision, dissemination, and from other unlawful actions;
— stop transfer (dissemination, provision, access), cease processing, and destroy personal data in the manner and cases provided by the Personal Data Law;
— fulfill other duties prescribed by the Personal Data Law.
4. Rights and Responsibilities of Personal Data Subjects4.1. Personal data subjects have the right to:
— receive information regarding the processing of their personal data, except in cases provided by federal laws. Information is provided by the Operator in an accessible form and must not contain personal data of other subjects, except where there are legal grounds for such disclosure. The list of information and the procedure for obtaining it are established by the Personal Data Law;
— require the Operator to clarify their personal data, block or destroy it if the personal data is incomplete, outdated, inaccurate, unlawfully obtained, or unnecessary for the stated purpose of processing, as well as to take measures provided by law to protect their rights;
— stipulate prior consent for the processing of personal data for the purposes of promoting goods, works, and services on the market;
— withdraw consent to the processing of personal data and demand that processing cease;
— appeal unlawful actions or omissions of the Operator in processing personal data to the authorized body for the protection of personal data subjects' rights or in court;
— exercise other rights provided by law.
4.2. Personal data subjects must:
— provide the Operator with accurate information about themselves;
— notify the Operator of clarification (updating, modification) of their personal data.
4.3. Persons who have provided the Operator with inaccurate information about themselves, or information about another personal data subject without that person’s consent, bear liability in accordance with law.
5. Principles of Personal Data Processing5.1. Processing of personal data is carried out on a lawful and fair basis.
5.2. Processing is limited to achieving specific, predetermined, and lawful purposes. Processing incompatible with the purposes of personal data collection is not allowed.
5.3. Combining databases containing personal data that are processed for mutually incompatible purposes is not allowed.
5.4. Only personal data that meet the purposes of processing are subject to processing.
5.5. The content and scope of processed personal data must correspond to the stated purposes. Excessive processing relative to the stated purposes is not allowed.
5.6. Accuracy, sufficiency, and, where necessary, relevance of personal data to the purposes of processing must be ensured. The Operator shall take necessary measures and/or ensure such measures are taken to delete or clarify incomplete or inaccurate data.
5.7. Personal data shall be stored in a form allowing identification of the personal data subject for no longer than required by the purposes of processing, unless a storage period is established by federal law or contract to which the personal data subject is a party, beneficiary, or guarantor. Processed personal data shall be destroyed or anonymized upon achievement of processing purposes or when there is no longer a need to achieve those purposes, unless otherwise provided by federal law.
6. Purposes of Processing Personal DataPurpose of processing: providing the User with access to services, information, and/or materials contained on the Website.
Personal data: last name, first name, patronymic (middle name).
Legal grounds: the Operator’s charter (founding) documents.
Types of processing: collection, recording, systematization, accumulation, storage, destruction, and anonymization of personal data.
(The following entry duplicates the preceding one in the source text.)
Purpose of processing: providing the User with access to services, information, and/or materials contained on the Website.
Personal data: last name, first name, patronymic (middle name).
Legal grounds: the Operator’s charter (founding) documents.
Types of processing: collection, recording, systematization, accumulation, storage, destruction, and anonymization of personal data.
7. Conditions for Processing Personal Data7.1. Processing is carried out with the personal data subject’s consent.
7.2. Processing is necessary for performance of a contract to which the personal data subject is a party, beneficiary, or guarantor, or for entering into a contract at the subject’s initiative or a contract under which the subject will be a beneficiary or guarantor.
7.3. Processing is necessary to exercise the Operator’s or third parties' rights and legitimate interests or to achieve socially significant goals, provided that the rights and freedoms of the personal data subject are not violated.
7.4. Processing is carried out with respect to personal data made publicly available by the subject or at the subject’s request (publicly available personal data).
7.5. Processing is carried out for personal data subject to publication or mandatory disclosure under federal law.
8. Procedure for Collection, Storage, Transfer, and Other Types of ProcessingThe security of personal data processed by the Operator is ensured through legal, organizational, and technical measures necessary to fully meet the requirements of applicable legislation in the field of personal data protection.
8.1. The Operator ensures the safety of personal data and takes all possible measures to prevent unauthorized access.
8.2. The User’s personal data will never, under any circumstances, be transferred to third parties, except where required by applicable law or where the personal data subject has given the Operator consent to transfer data to a third party for the performance of obligations under a civil-law contract.
8.3. If inaccuracies are found in personal data, the User may update them independently by sending a notice to the Operator at simiram.
corporate@gmail.com with the subject line "Update of personal data".
8.4. The processing period is determined by the achievement of the purposes for which personal data were collected, unless a different period is provided by contract or applicable law. The User may withdraw his/her consent to processing at any time by sending a notice to the Operator at simiram.
corporate@gmail.com with the subject line "Withdrawal of consent to personal data processing".
8.5. All information collected by third-party services, including payment systems, communications providers, and other service providers, is stored and processed by such parties (operators) in accordance with their User Agreements and Privacy Policies. The personal data subject should review those documents. The Operator is not responsible for the actions of third parties, including the service providers specified in this clause.
8.6. Restrictions established by the personal data subject on transfer (other than granting access), as well as on processing or on conditions of processing (other than access) of personal data permitted for dissemination, do not apply where processing is carried out in state, public, or other public interests as defined by law.
8.7. In processing personal data, the Operator ensures confidentiality.
8.8. The Operator stores personal data in a form allowing identification of the subject for no longer than required by the purposes of processing, unless a storage period is set by federal law or a contract to which the subject is a party, beneficiary, or guarantor.
8.9. Grounds for terminating processing may include achievement of processing purposes, expiration of the data subject’s consent, withdrawal of consent by the data subject or a demand to cease processing, as well as detection of unlawful processing.
9. List of Actions Performed by the Operator with Received Personal Data9.1. The Operator collects, records, systematizes, accumulates, stores, clarifies (updates, modifies), retrieves, uses, transfers (dissemination, provision, access), anonymizes, blocks, deletes, and destroys personal data.
9.2. The Operator performs automated processing of personal data with and/or without receiving and/or transmitting the obtained information via information and telecommunication networks.
10. Cross-Border Transfer of Personal Data10.1. Before commencing cross-border transfer of personal data, the Operator must notify the authorized body for the protection of personal data subjects' rights of its intention to carry out cross-border transfer (such notice is sent separately from the notice of intent to process personal data).
10.2. Prior to submitting the notice specified above, the Operator must obtain appropriate information from the foreign state authorities, foreign individuals, or foreign legal entities to whom cross-border transfer is planned.
11. Confidentiality of Personal DataThe Operator and other persons who have obtained access to personal data must not disclose or disseminate personal data to third parties without the consent of the personal data subject, unless otherwise provided by federal law.
12. Final Provisions12.1. The User may obtain any clarifications on matters concerning the processing of his/her personal data by contacting the Operator via email at simiram.
corporate@gmail.com.
12.2. Any changes to the Operator’s personal data processing policy will be reflected in this document. The Policy is effective indefinitely until replaced by a new version.
12.3. The current version of the Policy is publicly available on the Internet at
simiramproductions.com/privacy.
