Privacy policy

Date of publication: 25.01.2024.

This Privacy Policy (hereinafter referred to as the “Policy”) defines the general principles and procedure for processing Personal Data, as well as other data of the Personal Data Subject and measures to ensure their security, implemented when Personal Data Subjects use the website at: www.koop.ae, including any derivative domain names, including subdomains and subsidiary domains (hereinafter referred to as the “Site”) owned by IE Levin Vitaly Gennadyevich (hereinafter referred to as the “Operator”).

The Policy is a public document, the text of which is permanently posted on the Internet at: https://www.koop.ae/policy, where it is available to an unlimited number of people.

1. Terms

1.1. Personal data is any information relating directly or indirectly to a specific or identifiable individual (Personal Data Subject).

1.2. Personal Data Processing (Processing) is any action (operation) or a set of actions (operations) with Personal Data performed using automation tools or without using such tools, including collecting, recording, systematizing, accumulating, storing, clarifying (updating, changing), extracting, using, transferring (providing, accessing), anonymizing, blocking, deleting and destroying Personal Data.

1.3. Dissemination of Personal Data is actions aimed at disclosing Personal Data to an indefinite number of persons.

1.4. Provision of Personal Data — actions aimed at disclosing Personal Data to a specific person or a certain circle of persons.

1.5. Blocking Personal Data is a temporary cessation of Personal Data processing (except when processing is necessary to clarify Personal Data).

1.6. Destruction of Personal Data means actions that make it impossible to restore the content of Personal Data in the Personal Data information system and/or as a result of which material carriers of Personal Data are destroyed.

1.7. Anonymization of Personal Data is an action that makes it impossible to determine whether Personal Data belongs to a specific Personal Data Subject without using additional information.

1.8. The Personal Data Information System is a set of Personal Data contained in databases and information technologies and technical means that ensure their processing.

1.9. Cookies are information that may contain the following information about the Subject: the device's IP address, geolocation data, information about the program used to access the Site, technical characteristics of the hardware and software that the Subject uses, the date and time of access to the Site, as well as other similar information.

1.10. Personal Data Subject (Subject) is an individual who is directly or indirectly identified or determined using Personal Data. For the purposes of the Policy, the Subject means a person visiting the Site.

Other terms are interpreted in accordance with laws and regulations in the field of collecting and processing Personal Data.

2. General provisions

2.1. This Personal Data Processing Policy has been developed in accordance with the provisions of Federal Law No. 152-FZ of July 27, 2006 “On Personal Data” (as amended and supplemented), other laws and regulations in the field of collecting and processing Personal Data (hereinafter referred to as the “Legislation”) and determines the procedure for working with the Subject's Personal Data that the Operator collects through the Site, as well as the requirements for ensuring their security.

2.2. The subject has the right to:

2.2.1. Make a decision to provide your Personal Data to the Operator and agree to their Processing freely, by your own will and in your own interest.

2.2.2. Receive information regarding the Processing of his Personal Data.

2.2.3. Require the Operator to clarify Personal Data, block or destroy it if the Personal Data is incomplete, outdated, inaccurate, illegally obtained or is not necessary for the stated purpose of processing.

2.2.4. To appeal against the actions (inaction) of the Operator who processes Personal Data in violation of the requirements of the Legislation or otherwise violates his rights and freedoms to the authorized body for the protection of the rights of Subjects or in court.

2.2.5. Take measures provided for by law to protect their rights and legitimate interests, including by compensating for losses and/or compensating for non-pecuniary damage in court.

2.3. The operator is obliged to:

2.3.1. Take measures necessary and sufficient to comply with the Subject's rights and fulfill the obligations provided for by the Legislation.

2.3.2. Appoint a person responsible for the Processing of Personal Data.

2.3.3. To adopt internal documents on the Processing of Personal Data and ensuring their security.

2.3.4. Review the internal documents specified in para. 2.3.3 Politicians, employees against signature.

2.3.5. Train employees on a regular basis and inform them of the requirements of the Legislation.

2.3.6. Conduct internal audits on a regular basis and monitor that Personal Data Processing processes comply with the Law.

2.3.7. Regularly assess the harm that may be caused to Entities in the event of a violation of their rights and the requirements of the Legislation.

2.3.8. Provide the Subject with information regarding the Processing of the Subject's Personal Data when receiving a request from such a Subject.

2.3.9. Stop Processing if facts of unlawful Personal Data Processing are revealed.

2.3.10. Destroy Personal Data in accordance with the procedure established by the Legislation if it is impossible to ensure the lawfulness of the Processing of Personal Data.

2.3.11. Block Personal Data and clarify it in accordance with the procedure established by the Legislation if Personal Data is inaccurate.

3. Legal grounds for processing personal data

3.1. The Operator processes Personal Data on the basis of the following acts:

3.1.1. Legislation governing the Operator's activities; including the Civil Code of the Russian Federation.

3.1.2. The Operator's statutory documents.

3.1.3. Contracts concluded between the Operator and the Entity.

3.1.4. Consent to the Processing of Personal Data.

4. The scope of personal data processed and the purposes of processing

4.1. Personal data is processed by the Operator for the following purposes:

4.1.1. Providing the Subject with access to the functionality of the Site:

the list of Personal Data processed: name, mobile phone number, email address, metrics.

categories of Personal Data processed: Personal Data does not constitute special or biometric Personal Data.

methods of processing and storing Personal Data: collecting, recording, systematizing, accumulating, storing, clarifying (updating, modifying), extracting, transferring (providing, accessing), anonymizing, blocking, deleting, destroying.

terms of processing and storing Personal Data: the period of use of the Site.

procedure for the destruction of Personal Data: deleting Personal Data from electronic and/or tangible media or destroying material media containing Personal Data.

4.1.2. Conclusion of agreements initiated by the Personal Data Subject under which the Subject is a party or representative of a party, including negotiating the conclusion of such agreements:

the list of Personal Data processed: name, links to social media accounts, position, past place of work, other Personal Data reported by the Subject to conclude agreements with the Operator, in which the Subject is a party or representative of the party.

categories of Personal Data processed: Personal Data does not constitute special or biometric Personal Data.

methods of processing and storing Personal Data: collecting, recording, systematizing, accumulating, storing, clarifying (updating, modifying), extracting, transferring (providing, accessing), anonymizing, blocking, deleting, destroying.

terms of processing and storing Personal Data: until the purpose of processing Personal Data is achieved.

procedure for the destruction of Personal Data: deleting Personal Data from electronic and/or tangible media or destroying material media containing Personal Data.

4.1.3. Receipt of advertising notifications by the Subject:

list of Personal Data processed: name, email address.

categories of Personal Data processed: Personal Data does not constitute special or biometric Personal Data.

methods of processing and storing Personal Data: collecting, recording, systematizing, accumulating, storing, clarifying (updating, modifying), extracting, transferring (providing, accessing), anonymizing, blocking, deleting, destroying.

terms of processing and storing Personal Data: until consent to the advertising newsletter is withdrawn.

procedure for the destruction of Personal Data: deleting Personal Data from electronic and/or tangible media or destroying material media containing Personal Data.

4.1.4. Improving the performance of the Site:

the list of Personal Data processed: metrics (including Cookies, information about the dates and times of visiting the Site, the pages of the Site viewed).

categories of Personal Data processed: Personal Data does not constitute special or biometric Personal Data.

methods of processing and storing Personal Data: collecting, recording, systematizing, accumulating, storing, clarifying (updating, modifying), extracting, transferring (providing, accessing), anonymizing, blocking, deleting, destroying.

procedure for the destruction of Personal Data: deleting Personal Data from electronic and/or tangible media or destroying material media containing Personal Data.

5. The procedure and conditions for the processing of personal data

5.1. The Operator may process Personal Data in the following cases:

5.1.1. If the Personal Data Subject agrees to the processing of his Personal Data obtained during registration on the Site.

5.1.2. If there are grounds provided for by Law that allow the processing of Personal Data without the consent of the Personal Data Subject.

5.2. The Operator processes the Subject's Personal Data both without using automation tools and using them.

5.3. The Operator does not process Personal Data related to special categories and related to race and nationality, political views, religious or philosophical beliefs, health status, intimate life, membership in public associations, as well as related to biometric Personal Data, except as expressly provided for by Law.

5.4. The Operator has the right to transfer the Subject's Personal Data without his consent to the following persons:

5.4.1. State bodies, including bodies of inquiry and investigation, and local governments at their reasoned request.

5.4.2. Other persons whose transfer of Personal Data is expressly provided for by law.

5.5. The Operator ensures the confidentiality of Personal Data, including that the Operator does not disclose to third parties and does not distribute Personal Data without the consent of the Subject, unless otherwise provided by Law.

5.6. The Operator ensures the security of Personal Data in accordance with the procedure provided for by the Legislation, including by:

5.6.1. Definitions of security threats when they are processed in Personal Data Information Systems.

5.6.2. The use of organizational and technical measures to ensure the security of Personal Data when Processing them in Personal Data Information Systems necessary to meet the requirements for the protection of Personal Data, the implementation of which ensures the levels of Personal Data protection established by the Government of the Russian Federation.

5.6.3. Accounting for personal data carriers.

5.6.4. Detecting unauthorized access to Personal Data and taking measures to protect it.

5.6.5. Establishing rules for access to Personal Data processed in the Personal Data Information System, as well as ensuring the registration and recording of all actions performed with Personal Data in the Personal Data Information System.

5.6.6. Control over measures taken to ensure the security of Personal Data and the level of protection of Personal Data Information Systems.

5.7. Access to Information Systems containing Personal Data is provided by a password system. Passwords are set by the Operator's authorized employees and are individually reported to the Operator's employees who have access to Personal Data. The Operator restricts access to the Subject's Personal Data only to those employees who require it in accordance with their official duties.

5.8. The Operator stops Processing Personal Data when the Processing goals are achieved, if the Subject expires or revokes his consent to the Processing, as well as if unlawful Personal Data Processing is detected. The Operator has the right to continue Processing Personal Data in cases provided for by the Legislation.

5.9. Personal data is stored and processed for the period necessary to achieve the stated purposes of the Processing.

5.10. Personal data is collected, stored and processed in the Russian Federation.

6. Modification, deletion and destruction of personal data

6.1. The Subject has the right to change (update, supplement) Personal Data at any time by contacting the Operator by sending a written application to the e-mail address: admin@koop.ae

6.2. The Subject has the right to require the Operator to clarify his Personal Data, block or destroy them if the Personal Data is incomplete, outdated, inaccurate, illegally obtained or is not necessary for the stated purpose of Processing, as well as take measures provided for by Law to protect his rights. To exercise this right, the Subject has the right to personally submit an appropriate request by sending it to the Operator by e-mail:admin@koop.ae

6.3. Upon receipt of the Subject's request for information regarding the Processing of Personal Data, the Operator undertakes to provide the Subject with such information free of charge in an accessible form within 10 (ten) calendar days.

6.4. If cases of illegal Personal Data Processing are detected, the Operator undertakes to stop such Processing. If it is impossible to ensure the lawfulness of the Processing of Personal Data, the Operator undertakes to destroy such Personal Data in accordance with the procedure established by the Legislation.

6.5. If Personal Data is found to be inaccurate, the Operator undertakes to block such Personal Data and clarify them in accordance with the procedure established by Law.

6.6. If the Subject believes that the Operator is Processing Personal Data in violation of the requirements of the Legislation or otherwise violates its rights and freedoms, the Subject has the right to file a claim with the Operator, as well as appeal against the Operator's actions or omissions to the authorized body for the protection of the rights of Subjects or in court.

6.7. The Subject may at any time withdraw his consent to the Processing of Personal Data by sending a written application to the Operator by e-mail: admin@koop.ae

6.8. When the Operator receives a request containing the withdrawal of the Subject's consent to the Processing of Personal Data, within 30 (thirty) calendar days from the date of its receipt, the Operator is obliged to delete the Personal Data and stop Processing it, except as expressly provided for by Law that allow the Processing of Personal Data without the Subject's consent.

7. Other provisions

7.1. The law of the Russian Federation shall apply to this Policy and the relations between the Subject and the Operator arising in connection with the Policy.

7.2. If, for one reason or another, one or more provisions of the Policy are declared invalid or unenforceable, this does not affect the validity or applicability of the remaining provisions of the Policy.

7.3. The Operator has the right to amend the Policy unilaterally by posting a new version of the Policy at: https://www.koop.ae/policy. The changes take effect the day after they are posted at the specified address.

8. Operator details

IP Levin Vitaly Gennadyevich

OGRN: 323645700051332

INN: 645412087636

Email: admin@koop.ae