1. General Provisions
This Personal Data Processing Policy is drafted in accordance with the requirements of Federal Law No. 152-FL of July 27, 2006, "On Personal Data" (hereinafter referred to as the "Personal Data Law") and defines the procedure for processing personal data and the measures taken to ensure the security of personal data by GEODAMP LLC (hereinafter referred to as the "Operator").
1.1. The Operator considers its highest priority and a fundamental condition of its operations to be the observance of human and civil rights and freedoms when processing their personal data, including the protection of privacy, personal, and family secrets.
1.2. This Operator’s policy regarding the processing of personal data (hereinafter referred to as the "Policy") applies to all information that the Operator may obtain about visitors to the website geodamp.ru.
2. Key Terms Used in the Policy
2.1. Automated Processing of Personal Data – processing of personal data using computer technology.
2.2. Blocking of Personal Data – temporary cessation of personal data processing (except when processing is necessary to clarify personal data).
2.3. Website – a collection of graphical and informational materials, as well as computer programs and databases, ensuring their availability on the internet at the network address geodamp.ru.
2.4. Personal Data Information System – a set of personal data contained in databases and the information technologies and technical means enabling their processing.
2.5. Depersonalization of Personal Data – actions that make it impossible to determine, without additional information, the affiliation of personal data to a specific User or other subject of personal data.
2.6. Processing of Personal Data – any action (operation) or set of actions (operations) performed with or without automation tools on personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, modification), retrieval, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, or destruction of personal data.
2.7. Operator – a state body, municipal authority, legal entity, or individual that independently or jointly with others organizes and/or processes personal data, as well as determines the purposes of processing, the composition of personal data to be processed, and the actions (operations) performed with personal data.
2.8. Personal Data – any information directly or indirectly related to an identified or identifiable User of the website geodamp.ru.
2.9. Personal Data Permitted for Dissemination – personal data to which an unlimited number of persons have access, granted by the subject of personal data by consenting to the processing of personal data permitted for dissemination in accordance with the Personal Data Law (hereinafter referred to as "Personal Data Permitted for Dissemination").
2.10. User – any visitor to the website geodamp.ru.
2.11. Provision of Personal Data – actions aimed at disclosing personal data to a specific person or group of persons.
2.12. Dissemination of Personal Data – any actions aimed at disclosing personal data to an indefinite group of persons (transfer of personal data) or making personal data available to an unlimited number of persons, including publishing personal data in mass media or providing access to personal data in any other way.
2.13. Cross-Border Transfer of Personal Data – the transfer of personal data to the territory of a foreign state to a foreign government authority, foreign individual, or foreign legal entity.
2.14. Destruction of Personal Data – any actions resulting in the irreversible destruction of personal data, making it impossible to restore the content of personal data in the personal data information system and/or resulting in the destruction of physical media containing personal data.
3. Key Rights and Obligations of the Operator
3.1. The Operator has the right to:
Receive accurate information and/or documents containing personal data from the subject of personal data.
Continue processing personal data without the subject’s consent if grounds specified in the Personal Data Law exist (e.g., when processing is necessary for legal compliance or contractual obligations).
Independently determine the necessary and sufficient measures to fulfill obligations under the Personal Data Law, unless otherwise specified by law.
3.2. The Operator is obliged to:
Provide the subject of personal data, upon request, with information regarding the processing of their personal data.
Process personal data in accordance with Russian legislation.
Respond to inquiries and requests from personal data subjects and their legal representatives in accordance with the Personal Data Law.
Provide the authorized body for personal data protection with necessary information within 10 days of receiving a request.
Publish or otherwise ensure unrestricted access to this Policy.
Implement legal, organizational, and technical measures to protect personal data from unauthorized or accidental access, destruction, alteration, blocking, copying, distribution, or other unlawful actions.
Cease processing and destroy personal data in cases prescribed by the Personal Data Law.
Fulfill other obligations stipulated by the Personal Data Law.
4. Key Rights and Obligations of Personal Data Subjects
4.1. Personal data subjects have the right to:
Obtain information about the processing of their personal data (unless restricted by law).
Demand correction, blocking, or destruction of inaccurate, outdated, or unlawfully obtained personal data.
Withdraw consent to processing and demand termination of processing.
Appeal unlawful actions or inaction of the Operator to the authorized body or court.
Exercise other rights granted by Russian law.
4.2. Personal data subjects must:
Provide the Operator with accurate personal data.
Notify the Operator of updates or changes to their personal data.
4.3. Persons who provide false personal data or data about another subject without consent bear responsibility under Russian law.
5. Principles of Personal Data Processing
5.1. Processing is lawful and fair.
5.2. Processing is limited to specific, predefined, and legitimate purposes.
5.3. Merging databases with incompatible processing purposes is prohibited.
5.4. Only relevant and necessary personal data may be processed.
5.5. Storage duration must not exceed legal or contractual requirements.
6. Purposes of Personal Data Processing
6.1. Purposes:
Sending informational emails to Users.
Collecting anonymized data (via services like Yandex Metrica and Google Analytics) to improve website quality.
6.2. Processed Data:
Full name, email, phone numbers.
Anonymized visitor data (including cookies).
6.3. Legal Basis:
Federal Law No. 149-FL "On Information, Information Technologies, and Information Protection" (July 27, 2006).
6.4. Processing Activities:
Collection, recording, storage, depersonalization, destruction.
Sending informational emails.
7. Conditions of Personal Data Processing
Processing is permitted with the subject’s consent or when necessary for:
Legal compliance, contractual obligations, or public interests.
Justice administration or enforcement proceedings.
Operator’s legitimate interests (without violating the subject’s rights).
8. Procedure for Collection, Storage, and Transfer of Personal Data
8.1. The Operator ensures security through legal, organizational, and technical measures.
8.2. Personal data is not transferred to third parties except as required by law or with the subject’s consent.
8.3. Users may update their data by emailing geodump2023@gmail.com with the subject "Personal Data Update".
8.4. Processing continues until the purpose is achieved or consent is withdrawn (via email with the subject "Withdrawal of Consent").
8.5. Third-party services (e.g., payment systems) process data under their own policies; the Operator is not liable for their actions.
9. Actions Performed by the Operator with Personal Data
The Operator performs collection, recording, storage, clarification, transfer, depersonalization, blocking, and destruction of personal data, including automated processing.
10. Cross-Border Transfer of Personal Data
10.1. The Operator must notify the authorized body before cross-border transfers.
10.2. Relevant information must be obtained from foreign authorities/entities prior to transfer.
11. Confidentiality of Personal Data
The Operator and authorized persons must not disclose personal data without consent, unless required by law.
12. Final Provisions
12.1. Users may seek clarifications via geodump2023@gmail.com.
12.2. This Policy may be updated; the current version is available at geodamp.ru/privacy.
12.3. The Policy remains effective until replaced by a new version.