Accessibility

POLICY

of Personal Data Processing on the www.gefco.ru Website

(Version 1)

 

City of Moscow

April 5, 2023

BASIC TERMS

 

Website

www.gefco.ru website and other Internet services that refer to this Privacy Policy of Personal Data Processing, and through which Gefco LLC collects or may collect personal data of any persons visiting the above websites

Company, Operator, Website Owner

Gefco Limited Liability Company, a company incorporated and operating under the laws of the Russian Federation at the address: 8 Preobrazhenskaya Square, intracity territory of a federal city Preobrazhenskoye urban municipal district, 107061, Moscow, OGRN 1037739971829, INN 7704505900

Website Administration

employees of Gefco LLC authorized to manage the Website on behalf of Gefco LLC, who arrange and (or) carry out personal data processing, as well as determine the purpose of personal data processing, the composition of personal data to be processed, actions (operations) applied to personal data

Website User

an individual who has access to the Website via the Internet and uses the Website for their own purposes (personal data subject)

Personal Data

any information relating to a directly or indirectly identified or identifiable individual – the Website User (subject of personal data)

Special Categories of Personal Data

personal data relating to race, nationality, political views, religious or philosophical beliefs, state of health, intimate life

Personal Data Confidentiality

a requirement binding the Website Administration not to disclose and not to distribute personal data to third parties without the consent of the personal data subject, unless otherwise provided by the federal law

Personal Data Processing

any automated or non-automated action (operation) or set of such actions (operations) applied to personal data, including collection, recording, systematization, accumulation, storage, clarification (update or modification), extraction, use, transfer (distribution, provision, access), anonymization, blocking, deletion, destruction of personal data

Automated Personal Data Processing

personal data processing by computer engineering means

Personal Data Distribution

actions aimed at disclosing personal data to an undefined group of persons

Personal Data Provision

actions aimed at disclosing personal data to a specific person or a defined group of persons

Personal Data Blocking

temporary suspension of personal data processing (unless processing is required for personal data clarification)

Personal Data Destruction

actions as a result of which it becomes impossible to restore the content of personal data in the personal data information system and (or) as a result of which the personal data media are destroyed

IP Address

a unique network address of a node in a computer network based on IP protocol

Cookie file

a text file sent by a web server that is stored on the hard drive of the User’s computer

This Privacy Policy of Personal Data Processing (hereinafter referred to as Privacy Policy) applies to all personal data and personal information that the Company may receive from the Website User when they interact with the information posted on the Website pages, in particular as a result of using the Contact Us sections, when requesting the cost of services and/or during other interaction with the Website.

Use of the Website's services means the Website User's unconditional consent to this Policy and the terms of their personal data processing specified therein; in case of disagreement of the Website User to the processing of personal data, they should refrain from using the Website’s services.

 

1. GENERAL PROVISIONS

 

1.1. For the purposes of this Policy, personal information of the Website User is defined as:

1.1.1. Personal data of the Website User, which the Website User provides themselves when using the Website services and getting acquainted with the information posted on the Website. Personal information that is required to perform the Website's services is marked in a special way (in separate fill-in boxes).

1.1.2. Data that is automatically transmitted by the Website's services in the process of using the services with the aid of the software installed on the Website User's device, including the IP address, cookie file data, information about the Website User's browser (or other program that is used for accessing the services), technical specifications of equipment and software used by the Website User, date and time of accessing the services, addresses of requested pages and any related information.

This Privacy Policy applies exclusively to the www.gefco.ru website.

The www.gefco.ru Website has no control over, neither is responsible for third parties' websites to which the User may pass on the links available on the www.gefco.ru Website.

By using the services and resources of the www.gefco.ru Website, the Website User expresses their consent with this Policy and the terms for processing and transferring their personal data specified therein. The User's consent to provision, processing, and transmission of their Personal Data to the Company in compliance with the Policy shall be deemed complete and unconditional. The validity of the Website User’s consent is unlimited; however, the Website User has the right to withdraw this consent at any time by sending a written notice to this e-mail gefco.marketing@gefco.ru,with a mark “withdrawal of consent to the personal data processing.”

In case of full or partial disagreement with this Policy’s provisions, as well as disagreement to provide the personal data, the Website User should refrain from using the website’s resources and immediately leave the Website.

 

2. PURPOSES OF USERS’ PERSONAL DATA PROCESSING

 

2.1. The Website collects and stores only the personal information that is necessary to perform services or agreements and contracts with the Website User (including possible future agreements and contracts based on personal information received), unless the laws require compulsory storage of personal information within the period specified by the law.

Should the Company and the Website Administration receive a notice from the Website User of withdrawal of consent to personal data processing, the Company and the Website Administration terminate the processing the Website User’s personal data within a period not exceeding 10 working days from the date of receipt of such notice.

A notice of withdrawal of consent to personal data processing shall be sent to the e-mail gefco.marketing@gefco.ru,     as well as in writing by sending a letter to the registered address of the Company: 8 Preobrazhenskaya Square, intracity territory of a federal city Preobrazhenskoye urban municipal district, 107061, Moscow.

2.2. The Company and the Website Administration process personal information of the Website User for the following purposes:

2.2.1. To inform Website Users about the services provided by the Company, promotions or other events of the Company (if relevant).

2.2.2. To identify the Website User, who has filled in a certain form posted on the Website, implying the possibility of feedback from the Website User, for the purposes of fast interaction between the parties and clarification on the Company’s services requested by the Website User, as well as to process notifications and requests of the Website User, related to the use of the Website, to render Company’s services, and to process requests and applications from the Website User.

2.2.3. To grant the Website User access to the personalized resources of the Website (if relevant).

2.2.4. To define the location of the Website User for security and prevention of fraud (if relevant).

2.2.5. To confirm the accuracy and completeness of personal data provided by the Website User.

2.2.6. To conduct promotional activities with the Website User’s consent (if relevant; in addition, the express consent of the Website User is required by putting down the appropriate marks when filling out any form on the Website).

 

3. TERMS OF USERS’ PERSONAL DATA PROCESSING

AND ITS TRANSFER TO THIRD PARTIES

 

3.1. The Website stores personal information of the Website Users in accordance with the internal regulations of the specific services.

The Company processes personal data in a way that allows identifying the personal data subject, but for no longer than required according to the purposes for which the personal data is processed.

3.2. With regard to personal information of the Website User, its confidentiality is maintained, unless the Website User voluntarily provides their personal information for general public access. When using certain services, the Website User agrees that a certain part of their personal information becomes public.

3.3. The Website has the right to transfer the personal information of the Website User to third parties in the following cases:

3.3.1. The Website User has agreed to such actions.

3.3.2. Such transfer is necessary for the Website User to use a certain service or to perform a certain agreement or contract with the Website User (including possible future agreements and contracts based on personal information received).

3.3.3. Transfer is provided by Russian or other applicable laws according to the procedure established by the law.

3.3.4. If the Website Owner changes (for example, resulting from the sale of the Website), the acquirer becomes fully obligated to comply with the terms of this Policy with respect to the personal information it received.

3.4. Processing of Website User’s Personal Datashall be carried out without restriction by any period in the following ways: collection, recording, systematization, accumulation, storage, clarification (update, modification), extraction, use, transfer (distribution, provision, access), anonymization, blocking, deletion, destruction of personal data, including in personal data information systems using automated or non-automated means. Processing of Website User’s Personal Data is carried out in accordance with Federal Law No. 152-FZ On Personal Data dated 27.07.2006.

3.5. The Website Administration takes the necessary organizational and technical measures to protect personal information of the Website User from unauthorized or accidental access, destruction, modification, blocking, copying, distribution, as well as from other illegal actions of third parties.

3.6. The Company implements the following requirements for the protection of personal data:

3.6.1. requirements to maintain personal data confidentiality;

3.6.2. requirements to ensure the accuracy of personal data and, where necessary, its relevance in relation to the purposes of personal data processing (taking (ensuring the taking of) measures to delete or clarify incomplete or inaccurate data);

3.6.3. requirements to protect personal data from unauthorized or accidental access, destruction, modification, blocking, copying, distribution, as well as from other illegal actions in relation to personal data;

3.6.4. requirements to ensure that the personal data subject implements their rights, including the right to access information;

3.6.5. any other requirements established by law.

3.7. The Website Administration also takes measures to protect personal data that is transferred automatically after visiting the Website, including from cookie files:

3.7.1. The IP address assigned to the Website User's computer when visiting the Website;

3.7.2. Collected session data.

3.8. Cookie files used during Website browsing can be either session or persistent.

3.8.1. Session cookie files. The Website Administration uses session cookie files to assign a unique identification number to the Website User's computer each time they visit the Website. Such cookie files are deleted after closing the browser. They are also used to analyze the Website User's experience with the Website (visits to pages, links used, and the time the User stays on a particular page get assessed).

3.8.2. Persistent cookie files. The Website recognizes persistent cookie files that are stored on the hard drives of the computers of Website Users, and by assigning unique identifiers to the devices of Website Users, the Website Administration is able to create a database of the actions and preferences of Website Users (in particular, the frequency of visits and frequency of return of Website Users, their preferences when using the Website). It is important to note that cookie files do not contain personal data of Website Users; they only record their actions.

3.8.3. Session cookie files do not require prior consent from Website Users; persistent cookies require such consent.

Website Users are able to manage cookie files by adjusting the settings of the browser they use while visiting the Website. Thus, Website Users are able to allow all cookie files integrated into pages or to block cookie files, as well as to enable the use of cookie files on request, to accept or reject cookie files. Managing cookie files differs across browsers used.

By using cookie technology, the Website Administration does not store or use any specific data about the Website Users. Please note that the Website User has the right to configure the browser used to refuse to register calls to the Website or to warn about requests for such registration. Switching off cookies may result in the inability to access the Website.

3.9. The Website Administration together with the Website User take all necessary measures to prevent losses or other negative consequences caused by the loss or disclosure of the Website User's personal data.

 

4. OBLIGATIONS OF THE PARTIES

 

4.1. The Website User is obliged to:

4.1.1. Provide information about personal data required to use the Website, or refuse to provide such information, immediately leaving and terminating the use of the Website, its resources and services.

4.1.2. Update and/or supplement the information and personal data in any case of change in the information.

4.2. The Website Administration is obliged to:

4.2.1. Use the information obtained solely for the purposes specified in this Privacy Policy.

4.2.2. Provide storage of confidential information in secret and not to disclose it without prior written permission from the Website User, as well as not to sell, exchange, publish, or disclose in any other possible way the transferred personal data of the Website User, except as provided in this Privacy Policy.

4.2.3. Block personal data relating to the relevant Website User, from the date of application or request of the Website User or their legal representative or authorized body for the protection of rights of personal data subjects for the period of verification in case unreliable personal data or illegal actions have been revealed.

 

5. LIABILITY OF THE PARTIES

 

5.1. In case of default on the obligations, the Website Administration shall be held liable for any damage caused to the Website User related the misuse of personal data, in accordance with the laws of the Russian Federation.

5.2. The Website Administration shall not be held liable for the disclosure or loss of the User's personal data if the personal data:

5.2.1. had became public before it was lost or disclosed.

5.2.2. had been received by the Website Administration from a third party before it was received from the User.

5.2.3. was disclosed by the User's consent.

 

6. DISPUTE RESOLUTION

 

6.1. A claim (a written proposal of voluntary settlement of a dispute) shall be submitted prior to appealing to the court under disputes arising from the relationship between the Website User and the Website Administration.

6.2. The claimee undertakes to examine the claim within thirty (30) calendar days of receiving the claim and notify the claimant about the outcome of such claim.

6.3. In the event of failure to reach an agreement, the dispute shall be referred to a court in accordance with the applicable laws of the Russian Federation.

6.4. The applicable laws of the Russian Federation apply to this Privacy Policy and the relations between the Website User and the Website Administration.

 

7. ADDITIONAL CONDITIONS

 

7.1. The Website Administration is entitled to make changes to this Privacy Policy without consent of the User.

7.2. The new Privacy Policy enters into force from the moment it is published on the Website, unless otherwise provided for by the new version of the Privacy Policy.

7.3. All proposals or questions concerning this Privacy Policy should be submitted by e-mail: gefco.marketing@ gefco.ru.

7.4. The current Privacy Policy is published at the following web page: https://gefco.ru/en/privacy/