General Conditlions
This Document defines the procedure for processing personal data and measures to ensure the security of personal data at https://gareval.com in order to protect the rights and freedoms of individuals and citizens in the processing of their personal data, including the protection of the rights to privacy, personal and family secrets.
Principles and Conditions of Data Processing
The data permitted to be processed in this Document are provided by the data subject by filling in the registration form on this Site, and include first and last name, phone number and email of the user.
Gareval protects data that is automatically transmitted when a data subject views advertisements, including Cookies. Gareval collects statistics on the IP addresses of its visitors. This information is used for the purpose of detecting technical problems.
The operator does not verify the reliability of personal data provided by the subject and has no way to assess his or her competence. But the operator assumes that the personal data subject provides reliable and sufficient data and keeps this information up to date.
Gareval's processing of personal data is based on the following principles:
- Legality and fair basis;
- Limiting the processing of personal data to the achievement of specific, predetermined and legitimate purposes;
- Preventing processing of personal data that is incompatible with the purposes of personal data collection;
- Prevent combining databases containing personal data, processing of which is incompatible with the purposes of personal data collection;
- Processing only those personal data which meet the purposes of its processing;
- Compliance of the content and volume of processed personal data with the stated processing purposes;
- Non-admission of processing of personal data, excessive in relation to the stated objectives of their processing;
- Ensuring accuracy, sufficiency and relevance of personal data in relation to the purpose of personal data processing;
- Destruction or depersonalization of personal data upon achievement of personal data processing objectives or in case of loss of necessity in achievement of such objectives, in case of impossibility to eliminate violations of personal data committed by the Operator, unless otherwise provided by the federal law.
Confidentiality of personal data
The operator and other persons who obtained access to personal data are obliged not to disclose or distribute personal data to third parties without consent of the subject of personal data, unless otherwise provided by the federal law.
Assignment of personal data processing to another person
Gareval may entrust processing of personal data to another person with the consent of the subject of personal data, unless otherwise provided by federal law, based on a contract to be entered into with such person.
Cookies
We use Cookies to improve the operation and effectiveness of the Site. By continuing to use this site, you consent to the processing of cookies, user data (information about the location; type and version of operating system; type and version of the Browser; type of device and its screen resolution; the source where the user came to the site; from which site or through which advertisements; language of operating system and Browser; which pages the user opens and clicks on; ip address) for the purposes of site operation, retargeting and conducting statistical research and surveys.
If you do not want your data to be processed, you can leave the site or you can turn it off in your browser's security settings. It is important to understand that the settings must be applied in all browsers you use on your device.
Purposes of Personal Data Processing
This Site processes personal data for the following purposes:
- Identifying the subject of personal data when registering on this Site;
- Providing the subject of personal data with access to the personalized resources of this Site;
- Creating a unique account for the subject of personal data on this Site;
- Systematization of personal data (formation of a database);
- Processing of personal data for other purposes, agreed by the personal data subject.
Rights of the User
Users decide to provide their personal data and consent to its processing freely, of their own free will and in their own interest.
Users may receive information regarding the processing of their personal data, unless such right is restricted by law. The subject of personal data may demand clarification of their personal data, to have it blocked or destroyed, and to take statutory measures to protect their rights.
Processing of personal data in order to promote goods, works, services in the market through direct contact with the potential consumer by means of communication, as well as for political campaigning is allowed only with the prior consent of the subject of personal data. Such processing of personal data shall be deemed to be carried out without the prior consent of users.
Users may protect their rights and legitimate interests, including compensation for damages and compensation for moral harm in court.
Ensuring security of personal data
The security of personal data is ensured by implementing legal, organizational and technical measures necessary to ensure the requirements of legislation in the field of personal data protection.
To prevent unauthorized access to personal data, the following measures are applied:
- Appointment of officials responsible for the organization of processing and protection of personal data;
- Restriction of persons having access to personal data;
- Familiarization of the subjects with the requirements of the federal legislation and the Operator's regulatory documents on processing and protection of personal data;
- Organization of accounting, storage and circulation of data carriers;
- Identification of threats to security of personal data in their processing, formation of threat models based on them;
- Development of personal data protection system based on the threat model;
- Verification of readiness and effectiveness of information security tools;
- Delimitation of user access to information resources and software and hardware for information processing;
- Registration and accounting of actions of users of personal data information systems;
- Use of antivirus and recovery tools of personal data protection system;
- Use of firewall, intrusion detection, security analysis and cryptographic protection of information, if necessary.