Consent to the processing of personal data
- This Consent is given for the processing of personal data, both without the use of automation tools and with their use.
- Consent is given to the processing of my following personal data: listed in paragraph 3.
- Personal data that is not special or biometric: last name, first name, patronymic; place of work and position; education; subject taught; qualification category; teaching experience; graduated from an educational institution; graduation year; diploma specialty; email address; phone number, passport data, registration address and place of residence, the address of the place of work.
- The following personal data is publicly available: last name, first name, patronymic; place of work and position; education.
- The purpose of personal data processing is to carry out the functions, powers and duties of the Operator related to the provision of educational services in the field of additional professional education.
- The grounds for processing personal data are: Article 24 of the Constitution of the Russian Federation; Article 6 of Federal Law No. 152-FZ "On Personal Data";
- During the processing of personal data, the following actions will be performed:: collection; recording; systematization; accumulation; storage; refinement (updating, modification); extraction; use; transfer (distribution, provision, access); depersonalization; blocking; deletion; destruction. The transfer of personal data to third parties is carried out on the basis of the legislation of the Russian Federation, an agreement with the participation of the personal data subject, or with the consent of the personal data subject.
- I give my consent to the possible transfer of my personal data to third parties in cases stipulated by law.
- Personal data is processed until the end of processing. The processing of personal data may also be terminated at the request of the personal data subject. The storage of personal data recorded on paper is carried out in accordance with Federal Law No. 125-FZ "On Archival Affairs in the Russian Federation" and other regulatory legal acts in the field of archival affairs and archival storage.
- Consent is given, among other things, for informational (advertising) notifications.
- The consent may be revoked by the personal data subject or his representative by sending a written application to the Organization.
- If the personal data subject or his representative withdraws consent to the processing of personal data, Organizations have the right to continue processing personal data without the consent of the personal data subject, provided there are grounds specified in paragraphs 2-11 of part 1 of Article 6, part 2 of Article 10 and part 2 of Article 11 of Federal Law No. 152–FZ "On Personal Data". dated 26.06.2006
The Administrator's policy regarding the processing of personal data
1. GENERAL PROVISIONS
1.1. This document (hereinafter referred to as the Policy) defines the policy regarding the processing of personal data by the CAREER MANAGEMENT SCHOOL SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA (Aleja Gen. Antoniego Chrusciela "MONTERA", 88a, Warszawa, 04-412, Poland, PL 9522224105, PL 75102010680000190203891959), hereinafter referred to as the Administrator).
1.2. This Policy has been developed in compliance with the requirements of Clause 2, Part 1, Article 18.1 of Federal Law No. 152-FZ dated 27.07.2006 "On Personal Data" (hereinafter referred to as the Personal Data Law).
1.3. The concepts contained in Article 3 of the Law on Personal Data are used in this Policy with a similar meaning.
1.4. This Policy applies to all operations performed by the Administrator with personal data using automation tools or without their use.
1.5. Basic rights and duties of the Administrator.
1.5.1. The Administrator has the right to:
• receive reliable information and/or documents containing personal data from the personal data subject;
• require the personal data subject to provide timely clarification of the personal data provided.
1.5.2. The Administrator is obliged to:
• process personal data in accordance with the procedure established by the current legislation of the Russian Federation;
• consider the requests of the personal data subject (his legal representative) regarding the processing of personal data and provide motivated answers;
• provide the personal data subject (his legal representative) with the opportunity to access his personal data free of charge;
• take measures to clarify and destroy the personal data of the personal data subject in connection with his (his legal representative's) handling of legitimate and reasonable demands;
• organize the protection of personal data in accordance with the requirements of the legislation of the Russian Federation.
1.6. Basic rights and obligations of personal data subjects:
1.6.1. Personal data subjects have the right to:
• full information about their personal data processed by the Administrator;
• the right to access their personal data, including the right to receive a copy of any record containing their personal data, except in cases provided for by federal law;
• to clarify their personal data, block it or destroy it in cases where the personal data is incomplete, outdated, inaccurate, illegally obtained or is not necessary for the stated purpose of processing;
• revocation of consent to the processing of personal data;
• to take legal measures to protect their rights;
• to exercise other rights provided for by the legislation of the Russian Federation.
1.6.2. Subjects of personal data are obliged to:
• provide the Administrator with only reliable personal information;
• provide documents containing personal data to the extent necessary for the purpose of processing;
• inform the Administrator about the clarification (updating, modification) of their personal data.
1.6.3. Persons who have provided the Administrator with false information about themselves or information about another personal data subject without the latter's consent are liable in accordance with the legislation of the Russian Federation.
2. SCOPE AND CATEGORIES OF PERSONAL DATA PROCESSED, CATEGORIES OF PERSONAL DATA SUBJECTS
2.1. The Administrator may process the personal data of the following personal data subjects:
• Admin staff;
• Administrator's clients (individuals);
• representatives/employees of the Administrator's clients (legal entities);
• visitors to the Administrator's website(s) (hereinafter referred to as the Website and Sites).
2.2. Personal data processed by the Administrator includes:
• last name, first name, patronymic of the personal data subject;
• place of residence (region/city);
• specialty/area of professional interests;
• Mobile phone number;
• e-mail address (e-mail);
• the history of requests and views on the Site and its services (for Site visitors);
• other information (the list may be reduced or expanded depending on the specific case and the purposes of processing).
2.3. The Administrator ensures that the content and volume of personal data being processed correspond to the stated purposes of processing and, if necessary, takes measures to eliminate their redundancy in relation to the stated purposes of processing.
3. PURPOSES OF PERSONAL DATA COLLECTION
3.1. Personal data is processed by the Administrator for the following purposes::
• conclusion of any contracts with the subjects of personal data and their further execution;
• the Administrator conducts promotions, surveys, interviews, tests and research on Websites;
• providing personal data subjects with the Administrator's services and services, as well as information about the Administrator's development of new products and services, including those of an advertising nature;
• feedback from personal data subjects, including processing their requests and requests, informing them about the operation of the Website(s);
• monitoring and improving the quality of the Administrator's services, including those offered on the Website(s);
• management of personnel work and organization of employee accounting by the Administrator, regulation of labor and other relations directly related to them;
• formation of statistical reports;
• carrying out business activities;
• exercise of other functions, powers and duties assigned to the Administrator by the legislation of the Russian Federation.
4. LEGAL GROUNDS FOR PERSONAL DATA PROCESSING
4.1. The legal grounds for processing the Administrator's personal data are:
• The Constitution of the Russian Federation;
• The Labor Code of the Russian Federation;
• The Civil Code of the Russian Federation;
• Federal Law No. 149-FZ of July 27, 2006 "On Information, Information Technologies and Information Protection";
• Federal Law No. 294-FZ of December 26, 2008 "On the Protection of the Rights of Legal Entities and Individual Entrepreneurs in the Exercise of State Control (Supervision) and Municipal Control";
• Decree of the President of the Russian Federation No. 188 dated March 6, 1997 "On approval of the List of confidential information";
• Decree of the Government of the Russian Federation No. 687 dated September 15, 2008 "On Approval of the Regulation on the Specifics of Personal Data Processing carried out without the use of automation tools";
• Decree of the Government of the Russian Federation No. 1119 of November 1, 2012 "On Approval of Requirements for the Protection of Personal Data during their Processing in Personal Data Information Systems";
• Roskomnadzor Order No. 996 dated September 5, 2013 "On Approval of requirements and methods for depersonalization of personal data";
• FSTEC of Russia Order No. 21 dated February 18, 2013 "On Approval of the Composition and Content of Organizational and Technical Measures to Ensure the Security of Personal Data during their Processing in Personal Data Information Systems";
• statutory documents of the Administrator;
• contracts concluded between the Administrator and the subjects of personal data;
• consent of personal data subjects to the processing of personal data;
• other grounds where consent to the processing of personal data is not required by law.
5. PROCEDURE AND CONDITIONS OF PERSONAL DATA PROCESSING
5.1. The processing of personal data by the Operator is carried out in the following ways:
• non-automated processing of personal data;
• automated processing of personal data with or without transmission of the received information via information and telecommunication networks;
• Mixed processing of personal data.
5.2. The list of actions performed by the Administrator with personal data: collection, systematization, accumulation, storage, clarification (updating, modification), use, distribution (including transfer), depersonalization, blocking, destruction, as well as the implementation of any other actions in accordance with the current legislation of the Russian Federation.
5.3. The processing of personal data is carried out by the Administrator subject to obtaining the consent of the personal data subject (hereinafter referred to as Consent), except in cases established by the legislation of the Russian Federation when the processing of personal data may be carried out without such Consent.
5.4. The personal data subject decides on the provision of his personal data and gives Consent freely, voluntarily and in his own interest.
5.5. Consent is given in any form that allows to confirm the fact of its receipt. In cases stipulated by the legislation of the Russian Federation, Consent is given in writing.
5.6. The condition for termination of personal data processing may be the achievement of personal data processing goals, the expiration of Consent or withdrawal of Consent by the personal data subject, as well as the identification of unlawful processing of personal data.
5.7. Consent may be revoked by written notification sent to the Administrator by registered mail with notification.
5.8. When processing personal data, the Operator takes or ensures the adoption of necessary legal, organizational and technical measures to protect personal data from unlawful or accidental access to them, destruction, modification, blocking, copying, provision, dissemination of personal data, as well as from other unlawful actions with respect to personal data.
5.9. Personal data is stored in a form that makes it possible to identify the subject of personal data for a period not longer than the purposes of personal data processing require, except in cases where the period of personal data storage is established by federal law, an agreement to which the personal data subject is a party, beneficiary or guarantor.
5.10. When storing personal data, the Administrator uses databases located on the territory of the Russian Federation.
6. UPDATING, CORRECTING, DELETING AND DESTROYING PERSONAL DATA, RESPONDING TO REQUESTS FROM PERSONAL DATA SUBJECTS FOR ACCESS TO PERSONAL DATA
6.1. In case of confirmation of the inaccuracy of personal data or the illegality of their processing, personal data must be updated by the Administrator, or their processing must be terminated accordingly.
6.2. The fact of inaccuracy of personal data or illegality of their processing may be established either by the personal data subject or by the competent state authorities of the Russian Federation.
6.3. At the written request of the personal data subject or his representative, the Administrator is obliged to provide information about the processing of personal data of the specified subject. The request must contain the number of the main document certifying the identity of the personal data subject and his representative, information about the date of issue of the specified document and the issuing authority, information confirming the participation of the personal data subject in relations with the Administrator (contract number, date of conclusion of the contract, conditional verbal designation and (or) other information), or information, otherwise confirming the fact of personal data processing by the Administrator, the signature of the personal data subject or his representative. The request can be sent in the form of an electronic document and signed with an electronic signature in accordance with the legislation of the Russian Federation.
6.4. If the request of the personal data subject does not reflect all the necessary information or the subject does not have access rights to the requested information, a reasoned refusal is sent to him.
6.5. In accordance with the procedure provided for in clause 6.3, the personal data subject has the right to require the Administrator to clarify his personal data, block or destroy them if the personal data is incomplete, outdated, inaccurate, illegally obtained or is not necessary for the stated purpose of processing, as well as to take legal measures to protect their rights.
6.6. Upon achieving the purposes of personal data processing, as well as in the case of revocation of Consent by the personal data subject, personal data is subject to destruction if:
• The administrator does not have the right to process without the Consent of the personal data subject;
• nothing else is provided for in the contract to which the personal data subject is a party, beneficiary or guarantor.;
• unless otherwise provided by another agreement between the Administrator and the personal data subject.
7. FINAL PROVISIONS
7.1. All relations related to the processing of personal data that are not reflected in this Policy are regulated in accordance with the provisions of the legislation of the Russian Federation.
7.2. The Administrator has the right to make changes to this Policy. When making changes to the current version, the date of the last update is indicated. The new version of the Policy comes into force from the moment it is posted on the Website, unless otherwise provided by the new version of the Policy. The current version is always available on the Website at: https://careermanagementschool.com/.
1.1. This document (hereinafter referred to as the Policy) defines the policy regarding the processing of personal data by the CAREER MANAGEMENT SCHOOL SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA (Aleja Gen. Antoniego Chrusciela "MONTERA", 88a, Warszawa, 04-412, Poland, PL 9522224105, PL 75102010680000190203891959), hereinafter referred to as the Administrator).
1.2. This Policy has been developed in compliance with the requirements of Clause 2, Part 1, Article 18.1 of Federal Law No. 152-FZ dated 27.07.2006 "On Personal Data" (hereinafter referred to as the Personal Data Law).
1.3. The concepts contained in Article 3 of the Law on Personal Data are used in this Policy with a similar meaning.
1.4. This Policy applies to all operations performed by the Administrator with personal data using automation tools or without their use.
1.5. Basic rights and duties of the Administrator.
1.5.1. The Administrator has the right to:
• receive reliable information and/or documents containing personal data from the personal data subject;
• require the personal data subject to provide timely clarification of the personal data provided.
1.5.2. The Administrator is obliged to:
• process personal data in accordance with the procedure established by the current legislation of the Russian Federation;
• consider the requests of the personal data subject (his legal representative) regarding the processing of personal data and provide motivated answers;
• provide the personal data subject (his legal representative) with the opportunity to access his personal data free of charge;
• take measures to clarify and destroy the personal data of the personal data subject in connection with his (his legal representative's) handling of legitimate and reasonable demands;
• organize the protection of personal data in accordance with the requirements of the legislation of the Russian Federation.
1.6. Basic rights and obligations of personal data subjects:
1.6.1. Personal data subjects have the right to:
• full information about their personal data processed by the Administrator;
• the right to access their personal data, including the right to receive a copy of any record containing their personal data, except in cases provided for by federal law;
• to clarify their personal data, block it or destroy it in cases where the personal data is incomplete, outdated, inaccurate, illegally obtained or is not necessary for the stated purpose of processing;
• revocation of consent to the processing of personal data;
• to take legal measures to protect their rights;
• to exercise other rights provided for by the legislation of the Russian Federation.
1.6.2. Subjects of personal data are obliged to:
• provide the Administrator with only reliable personal information;
• provide documents containing personal data to the extent necessary for the purpose of processing;
• inform the Administrator about the clarification (updating, modification) of their personal data.
1.6.3. Persons who have provided the Administrator with false information about themselves or information about another personal data subject without the latter's consent are liable in accordance with the legislation of the Russian Federation.
2. SCOPE AND CATEGORIES OF PERSONAL DATA PROCESSED, CATEGORIES OF PERSONAL DATA SUBJECTS
2.1. The Administrator may process the personal data of the following personal data subjects:
• Admin staff;
• Administrator's clients (individuals);
• representatives/employees of the Administrator's clients (legal entities);
• visitors to the Administrator's website(s) (hereinafter referred to as the Website and Sites).
2.2. Personal data processed by the Administrator includes:
• last name, first name, patronymic of the personal data subject;
• place of residence (region/city);
• specialty/area of professional interests;
• Mobile phone number;
• e-mail address (e-mail);
• the history of requests and views on the Site and its services (for Site visitors);
• other information (the list may be reduced or expanded depending on the specific case and the purposes of processing).
2.3. The Administrator ensures that the content and volume of personal data being processed correspond to the stated purposes of processing and, if necessary, takes measures to eliminate their redundancy in relation to the stated purposes of processing.
3. PURPOSES OF PERSONAL DATA COLLECTION
3.1. Personal data is processed by the Administrator for the following purposes::
• conclusion of any contracts with the subjects of personal data and their further execution;
• the Administrator conducts promotions, surveys, interviews, tests and research on Websites;
• providing personal data subjects with the Administrator's services and services, as well as information about the Administrator's development of new products and services, including those of an advertising nature;
• feedback from personal data subjects, including processing their requests and requests, informing them about the operation of the Website(s);
• monitoring and improving the quality of the Administrator's services, including those offered on the Website(s);
• management of personnel work and organization of employee accounting by the Administrator, regulation of labor and other relations directly related to them;
• formation of statistical reports;
• carrying out business activities;
• exercise of other functions, powers and duties assigned to the Administrator by the legislation of the Russian Federation.
4. LEGAL GROUNDS FOR PERSONAL DATA PROCESSING
4.1. The legal grounds for processing the Administrator's personal data are:
• The Constitution of the Russian Federation;
• The Labor Code of the Russian Federation;
• The Civil Code of the Russian Federation;
• Federal Law No. 149-FZ of July 27, 2006 "On Information, Information Technologies and Information Protection";
• Federal Law No. 294-FZ of December 26, 2008 "On the Protection of the Rights of Legal Entities and Individual Entrepreneurs in the Exercise of State Control (Supervision) and Municipal Control";
• Decree of the President of the Russian Federation No. 188 dated March 6, 1997 "On approval of the List of confidential information";
• Decree of the Government of the Russian Federation No. 687 dated September 15, 2008 "On Approval of the Regulation on the Specifics of Personal Data Processing carried out without the use of automation tools";
• Decree of the Government of the Russian Federation No. 1119 of November 1, 2012 "On Approval of Requirements for the Protection of Personal Data during their Processing in Personal Data Information Systems";
• Roskomnadzor Order No. 996 dated September 5, 2013 "On Approval of requirements and methods for depersonalization of personal data";
• FSTEC of Russia Order No. 21 dated February 18, 2013 "On Approval of the Composition and Content of Organizational and Technical Measures to Ensure the Security of Personal Data during their Processing in Personal Data Information Systems";
• statutory documents of the Administrator;
• contracts concluded between the Administrator and the subjects of personal data;
• consent of personal data subjects to the processing of personal data;
• other grounds where consent to the processing of personal data is not required by law.
5. PROCEDURE AND CONDITIONS OF PERSONAL DATA PROCESSING
5.1. The processing of personal data by the Operator is carried out in the following ways:
• non-automated processing of personal data;
• automated processing of personal data with or without transmission of the received information via information and telecommunication networks;
• Mixed processing of personal data.
5.2. The list of actions performed by the Administrator with personal data: collection, systematization, accumulation, storage, clarification (updating, modification), use, distribution (including transfer), depersonalization, blocking, destruction, as well as the implementation of any other actions in accordance with the current legislation of the Russian Federation.
5.3. The processing of personal data is carried out by the Administrator subject to obtaining the consent of the personal data subject (hereinafter referred to as Consent), except in cases established by the legislation of the Russian Federation when the processing of personal data may be carried out without such Consent.
5.4. The personal data subject decides on the provision of his personal data and gives Consent freely, voluntarily and in his own interest.
5.5. Consent is given in any form that allows to confirm the fact of its receipt. In cases stipulated by the legislation of the Russian Federation, Consent is given in writing.
5.6. The condition for termination of personal data processing may be the achievement of personal data processing goals, the expiration of Consent or withdrawal of Consent by the personal data subject, as well as the identification of unlawful processing of personal data.
5.7. Consent may be revoked by written notification sent to the Administrator by registered mail with notification.
5.8. When processing personal data, the Operator takes or ensures the adoption of necessary legal, organizational and technical measures to protect personal data from unlawful or accidental access to them, destruction, modification, blocking, copying, provision, dissemination of personal data, as well as from other unlawful actions with respect to personal data.
5.9. Personal data is stored in a form that makes it possible to identify the subject of personal data for a period not longer than the purposes of personal data processing require, except in cases where the period of personal data storage is established by federal law, an agreement to which the personal data subject is a party, beneficiary or guarantor.
5.10. When storing personal data, the Administrator uses databases located on the territory of the Russian Federation.
6. UPDATING, CORRECTING, DELETING AND DESTROYING PERSONAL DATA, RESPONDING TO REQUESTS FROM PERSONAL DATA SUBJECTS FOR ACCESS TO PERSONAL DATA
6.1. In case of confirmation of the inaccuracy of personal data or the illegality of their processing, personal data must be updated by the Administrator, or their processing must be terminated accordingly.
6.2. The fact of inaccuracy of personal data or illegality of their processing may be established either by the personal data subject or by the competent state authorities of the Russian Federation.
6.3. At the written request of the personal data subject or his representative, the Administrator is obliged to provide information about the processing of personal data of the specified subject. The request must contain the number of the main document certifying the identity of the personal data subject and his representative, information about the date of issue of the specified document and the issuing authority, information confirming the participation of the personal data subject in relations with the Administrator (contract number, date of conclusion of the contract, conditional verbal designation and (or) other information), or information, otherwise confirming the fact of personal data processing by the Administrator, the signature of the personal data subject or his representative. The request can be sent in the form of an electronic document and signed with an electronic signature in accordance with the legislation of the Russian Federation.
6.4. If the request of the personal data subject does not reflect all the necessary information or the subject does not have access rights to the requested information, a reasoned refusal is sent to him.
6.5. In accordance with the procedure provided for in clause 6.3, the personal data subject has the right to require the Administrator to clarify his personal data, block or destroy them if the personal data is incomplete, outdated, inaccurate, illegally obtained or is not necessary for the stated purpose of processing, as well as to take legal measures to protect their rights.
6.6. Upon achieving the purposes of personal data processing, as well as in the case of revocation of Consent by the personal data subject, personal data is subject to destruction if:
• The administrator does not have the right to process without the Consent of the personal data subject;
• nothing else is provided for in the contract to which the personal data subject is a party, beneficiary or guarantor.;
• unless otherwise provided by another agreement between the Administrator and the personal data subject.
7. FINAL PROVISIONS
7.1. All relations related to the processing of personal data that are not reflected in this Policy are regulated in accordance with the provisions of the legislation of the Russian Federation.
7.2. The Administrator has the right to make changes to this Policy. When making changes to the current version, the date of the last update is indicated. The new version of the Policy comes into force from the moment it is posted on the Website, unless otherwise provided by the new version of the Policy. The current version is always available on the Website at: https://careermanagementschool.com/.