Privacy Policy

Regarding the processing of personal data of website visitors

1. General Provisions

1.1. This Policy regarding the processing of personal data (hereinafter referred to as the "Policy")

prepared in accordance with the law and determines the position of the administration in the field of processing and protection of personal data (hereinafter referred to as the "Data"), respect for the rights and freedoms of each person and, in particular, the right to privacy, personal and family secrets.

2. Scope

2.1. This Policy applies to Data obtained both before and after the entry into force of this Policy.

2.2. Understanding the importance and value of the Data, as well as taking care of the observance of the constitutional rights of citizens, the Company ensures reliable protection of the Data.

3. Definitions

3.1. Data means any information relating directly or indirectly to

to a specific or identifiable natural person (citizen), i.e. such information, in particular, includes: name, e-mail, location, link to a personal website or social networks, ip address, cookies.

3.2. Data processing is understood as any action (operation) or a set of actions (operations) with Data performed using automation tools and/or without the use of such tools.Such actions (operations) include: collection, recording, systematization, accumulation, storage, clarification (updating, changing), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction of Data.

3.3. Data security means the protection of Data from unauthorized and/or unauthorized access to it, destruction, modification, blocking, copying, provision, distribution of Data, as well as from other illegal actions in relation to Data.

4. Legal grounds and purposes of data processing

4.1. The processing and security of Data in the Company is carried out in accordance with the requirements of the Constitution, the Law, the Labor Code, by-laws, other federal laws that determine the cases and features of the processing of Data, guidelines and methodological documents.

4.2. The subjects of the Data processed by the Company are:

customers - consumers, incl. visitors to the site https://quality.htgetrid.com/en/, owned by the Company, including for the purpose of placing an order on the Site https://quality.htgetrid.com/en/, with subsequent delivery to the client, service recipients ;,

4.3. The Company processes Data Subjects for the following purposes:

implementation of the functions, powers and obligations assigned to the Company by law in accordance with federal laws, including, but not limited to: the Civil Code, the Tax Code, the Labor Code, the Family Code.

insurance, Customers - consumers in order to:

providing information on goods/services, ongoing promotions and special

proposals;

5. Principles and conditions of Data processing.

5.1.When processing Data, the Company adheres to the following principles: Data processing is carried out on a legal and fair basis; Data is not disclosed to third parties and is not distributed without the consent of the Data subject, except in cases requiring disclosure of Data at the request of authorized state bodies, legal proceedings; determination of specific legitimate purposes prior to the processing (including collection) of Data; only those Data are collected that are necessary and sufficient for the stated purpose of processing; consolidation of databases containing Data processed for purposes incompatible with each other is not allowed; the processing of the Data is limited to the achievement of specific, predetermined and legitimate purposes; the processed Data is subject to destruction or depersonalization upon achievement of the purposes of processing or in case of loss of the need to achieve these purposes, unless otherwise provided by federal law.

5.2. The Company may include the Data of the subjects in public Data sources, while the Company takes the written consent of the subject to the processing of his Data, or by expressing consent through the site form (checkbox), by clicking on which the subject of personal data expresses his consent.

5.3. The Company does not process Data relating to racial, national

affiliation, political views, religious, philosophical and other beliefs, intimate life, membership in public associations, including trade unions.

5.4.Biometric Data (information that characterizes the physiological and biological characteristics of a person, on the basis of which his identity can be established and which is used by the operator to identify the Data subject) is not processed by the Company.

5.5. The Company does not carry out cross-border transfer of Data.

5.6. In cases established by law, the Company has the right

to transfer the Data to third parties (the federal tax service, the state pension __________ fund and other state bodies) in cases provided for by law.

5.7. The Company has the right to entrust the processing of Data of Data subjects to third parties with the consent of the Data subject, on the basis of an agreement concluded with these persons, including upon agreement with the user agreement and the policy for processing personal data posted on the site.

5.8. Persons processing Data on the basis of an agreement concluded with the Company (instruction of the operator) undertake to comply with the principles and rules for the processing and protection of Data provided for by the Law. For each third party, the contract defines a list of actions (operations) with Data that will be performed by a third party processing Data, the purposes of processing, establishes the obligation of such a person to maintain confidentiality and ensure the security of Data during their processing, specifies the requirements for protecting processed Data in accordance with with the Law.

5.9. In order to comply with the requirements of the current legislation and its contractual obligations, the processing of Data in the Company is carried out both with and without the use of automation tools.The set of processing operations includes the collection, recording, systematization, accumulation, storage, clarification (updating, changing), extraction, use, transfer (provision, access), depersonalization, blocking, deletion, destruction of Data.

5.10. The Company prohibits the adoption, based solely on automated processing of the Data, of decisions that give rise to legal consequences in relation to the Data subject or otherwise affect his rights and legitimate interests, except as otherwise provided by law.

6. Rights and obligations of Data subjects, as well as the Company in terms of Data processing

6.1. The subject whose Data is processed by the Company has the right to:

- receive from the Company:

confirmation of the fact of Data processing and information about the availability of Data related to the relevant Data subject;

information about the legal grounds and purposes of Data processing;

information about the methods of Data processing used by the Company;

information about the name and location of the Company;

information about persons (excluding employees of the Company) who have access to the Data or to whom the Data may be disclosed on the basis of an agreement with the Company or on the basis of federal law;

a list of the processed Data relating to the subject of the Data, and information about the source of their receipt, unless a different procedure for providing such Data is provided for by federal law;

information about the terms of Data processing, including the terms of their storage;

information on the procedure for exercising by the Data subject of the rights provided for by the Law;

name (full name) and address of the person processing the Data on behalf of the Company;

other information provided for by the Law or other regulatory legal acts;

- require from the Company:

clarification of their Data, their blocking or destruction if the Data is incomplete, outdated, inaccurate, illegally obtained or not necessary for the stated purpose of processing;

withdraw your consent to the processing of Data at any time; demand the elimination of illegal actions of the Company in relation to its Data;

appeal against the actions or inaction of the Company to the Federal Service for Supervision of Communications, Information Technology and Mass Media or in court if the Data subject believes that the Company is processing his Data in violation of the requirements of the Law or otherwise violates his rights and freedoms;

- to protect their rights and legitimate interests, including damages and / or compensation for moral damage in court.

6.2. The Company in the process of processing the Data is obliged to:

provide the Data subject, at his request, with information regarding the processing of his

PD, or legally provide a refusal within thirty days from the date

receiving a request from the Data subject or his representative;

explain to the Data subject the legal consequences of refusal to provide the Data, if

provision of the Data is mandatory under federal law;

prior to the start of Data processing (if the Data is not received from the Data subject), provide

to the Data subject the following information, except for the cases provided for by paragraph 4 of Article 18 of the Law:

1) name or surname, name, patronymic and address of the Company or its representative;

2) the purpose of the Data processing and its legal basis;

3) intended users of the Data;

4) the rights of Data subjects established by the Law;

5) the source of the Data.

take the necessary legal, organizational and technical measures or ensure their adoption to protect the Data from unauthorized or accidental access to them, destruction, modification, blocking, copying, provision, distribution of the Data, as well as from other illegal actions in relation to the Data;

publish on the Internet and provide unrestricted access using the Internet to a document defining its policy regarding Data processing, to information about the implemented Data protection requirements;

provide the Data subjects and/or their representatives free of charge with the opportunity to familiarize themselves with the Data when making a relevant request within 30 days from the date of receipt of such a request;

to block illegally processed Data related to the Data subject, or ensure their blocking (if the Data processing is carried out by another person acting on behalf of the Company) from the moment of application or receipt of a request for the verification period, in case of detection of illegal Data processing upon the request of the Data subject or his a representative or, upon request, to the Data subject or his representative or an authorized body for the protection of the rights of personal data subjects;

clarify the Data or ensure their clarification (if the Data is processed by another person acting on behalf of the Company) within 7 working days from the date of submission of the information and remove the blocking of the Data, if the fact is confirmed

inaccuracies of the Data based on information provided by the Data subject or his representative;

stop illegal processing of Data or ensure the termination of illegal processing of Data by a person acting on behalf of the Company, in case of detection of illegal processing of Data carried out by the Company or a person acting on the basis of an agreement with the Company, within a period not exceeding 3 business days from the date of such detection;

terminate the Data processing or ensure its termination (if the Data processing is carried out by another person acting under an agreement with the Company) and destroy the Data or ensure their destruction (if the Data processing is carried out by another person acting under an agreement with the Company) upon achieving the purpose of Data processing, unless otherwise not provided for by the contract, the party to which, the beneficiary or the guarantor of which is the Data subject, in case the purpose of Data processing is achieved;

terminate the processing of the Data or ensure its termination and destroy the Data or ensure their destruction in the event that the Data subject revokes consent to the processing of the Data, if the Company is not entitled to process the Data without the consent of the subject

data;

maintain a log of requests from PD subjects, which should record the requests of Data subjects to receive Data, as well as the facts of providing Data in response to these requests.

7. Data protection requirements

7.1. When processing the Data, the Company takes the necessary legal, organizational and technical measures to protect the Data from unauthorized and / or unauthorized access to them, destruction, modification, blocking, copying, provision, distribution of the Data, as well as from other illegal actions in relation to the Data.

7.2. Such measures in accordance with the Law, in particular, include:

appointment of a person responsible for organizing the processing of the Data and a person responsible for ensuring the security of the Data;

development and approval of local acts on the processing and protection of Data;

application of legal, organizational and technical measures to ensure the security of Data:

  • identification of threats to the security of Data during their processing in information systems

personal data;

  • application of organizational and technical measures to ensure the security of Data

during their processing in information systems of personal data necessary to fulfill the requirements for Data protection, the implementation of which ensures the levels of Data security established by the Government;

  • the use of information security tools that have passed the conformity assessment procedure in the prescribed manner;
  • evaluation of the effectiveness of the measures taken to ensure the security of the Data prior to the commissioning of the personal data information system;
  • accounting for machine media of the Data, if the Data is stored on machine media;
  • detection of facts of unauthorized access to the Data and taking measures to prevent such incidents in the future;
  • recovery of Data modified or destroyed due to unauthorized access to them;
  • establishing rules for access to the Data processed in the personal data information system, as well as ensuring the registration and accounting of all actions performed with the Data in the personal data information system.

control over the measures taken to ensure the security of the Data and the level of security of personal data information systems;

assessment of the harm that may be caused to the Data subjects in case of violation of the requirements of the Law, the ratio of the specified harm and the measures taken by the Company aimed at ensuring the fulfillment of the obligations provided for by the Law;

compliance with the conditions that exclude unauthorized access to material media of the Data and ensure the safety of the Data;

familiarization of the Company's employees directly involved in the processing of Data with the provisions of the Data legislation, including the requirements for Data protection, local acts on processing and protection

Data, and training of the Company's employees.

8. Terms of processing (storage) of Data

8.1. The terms of Data processing (storage) are determined based on the purposes of Data processing, in accordance with the validity period of the contract with the Data subject, the requirements of federal laws, the requirements of Data operators on behalf of which the Company processes Data, the main rules for the operation of archives of organizations, the limitation period.

8.2. Data whose processing (storage) period has expired must be destroyed, unless otherwise provided by federal law. Storage of Data after the termination of their processing is allowed only after their depersonalization.

9. Procedure for obtaining clarifications on Data processing issues

9.1. Persons whose Data is processed by the Company may obtain clarifications on the processing of their Data by contacting the Company.

9.2. If an official request is sent to the Company, the text of the request must contain

specify:

surname, name, patronymic of the Data subject or his representative;

number of the main document proving the identity of the Data subject or his representative, information about the date of issue of the specified document and the authority that issued it;

information confirming that the Data subject has a relationship with the Company;

information for feedback in order for the Company to send a response to the request;

signature of the Data subject (or his representative). If the request is sent electronically, then it must be executed in the form of an electronic document and signed with an electronic signature in accordance with the law.

10. Features of processing and protection of Data collected by the Company using the Internet

10.1. The Company processes Data received from users of the Site from the resource:

https://quality.htgetrid.com/en/ (hereinafter collectively referred to as the Site), as well as coming to the Company's e-mail address:

10.2. Data collection

There are two main ways in which the Company obtains Data via the Internet:

10.2.1. Provision of Data (self-entry):

Name, email, link to personal website or social networks, cookies

10.2.2. By the Data Subjects by sending to the Company's e-mail address:

10.3. Automatically collected information

The Company may collect and process information that is not personal data:

determining the location of the ip address information about the interests of users on the Site based on the entered search queries of the Site users about the goods sold and offered for sale by the Company in order to provide up-to-date information to the Company's customers when using the Site, as well as to summarize and analyze information about which sections of the Site and products are in the greatest demand among the Company's clients;

processing and storage of search queries of users of the Site in order to summarize and create client statistics on the use of sections of the Site.

The Company automatically receives certain types of information obtained in the course of user interaction with the Site, e-mail correspondence, etc. We are talking about technologies and services such as web protocols, cookies, web marks, as well as applications and tools of this third party. sides.

At the same time, web tags, cookies and other monitoring technologies do not make it possible to automatically receive Data. If the user of the Site, at his own discretion, provides his Data, for example, when filling out a feedback form or when sending an e-mail, then only then will processes automatically collect detailed information for the convenience of using the websites and / or to improve user interaction.

10.4. Data usage

The Company has the right to use the provided Data in accordance with the stated purposes of their collection, subject to the consent of the Data subject, if such consent is required in accordance with the requirements of legislation in the field of Data.

The data obtained in a generalized and depersonalized form can be used to better understand the needs of buyers of goods and services sold by the Company and improve the quality of service.

10.5. Data transfer

The Company may entrust the processing of Data to third parties only with the consent of the Data subject. The Data may also be transferred to third parties in the following cases:

a) As a response to legitimate requests from authorized state bodies, in accordance with laws, court decisions, etc.

b) The Data may not be transferred to third parties for marketing, commercial or other similar purposes, unless the prior consent of the Data subject is obtained.

10.6. The Site contains links to other web resources, which may contain information that is useful and interesting for users of the Site. However, this Policy does not apply to such other sites. Users who follow links to other sites are advised to read the Data processing policies posted on such sites.

10.7. The User of the Site may at any time withdraw his consent to the processing of Data by sending a message to the Company's email address: . Upon receipt of such a message, the processing of the User's Data will be terminated and his Data will be deleted, except in cases where the processing can be continued in accordance with the law. Final Provisions This Policy is a local regulatory act of the Company. This Policy is public. Public availability of this Policy is ensured by publication on the Company's Website. This Policy may be revised in any of the following cases:

when changing legislation in the field of processing and protection of personal data;

in cases of receipt of instructions from the competent state authorities to eliminate inconsistencies affecting the scope of the Policy;

by decision of the Company's management;

when changing the purposes and terms of Data processing;

when changing the organizational structure, the structure of information and / or telecommunication systems (or introducing new ones);

when applying new technologies for processing and protecting Data (including transmission, storage);

when it becomes necessary to change the Data processing process related to the activities of the Company. In case of failure to comply with the provisions of this Policy, the Company and its employees are liable in accordance with applicable law

. Control over the fulfillment of the requirements of this Policy is carried out by persons responsible for organizing the processing of Company Data, as well as for the security of personal data.

Electronics

Construction

Ratings