Personal Data Processing Policy
1. General provisions
The present Personal Data Processing Policy has been prepared in accordance with the requirements of Russia federal law №152-FZ on Personal Data of 27 July 2006 and defines the processing of personal data and measures to ensure the security of personal data taken by Elissa LLC (hereinafter referred to as the Operator).
1.1 The Operator sets the observance of human and civil rights and freedoms when processing personal data, including the right to privacy, personal and family secrecy as their most important goals and conditions when implementing their activities.
1.2 The Operator`s present Personal Data Processing Policy (hereinafter referred to as the Policy) applies to all data the Operator may receive about visitors to the website, https://www.elissa-llc.ru.
2. Basic concepts used in the Policy
2.1 Automated processing of personal data ‒ the processing of personal data using computer technology.
2.2 Blocking of personal data ‒ the temporary stopping of personal data processing (except in the cases when processing is needed to clarify personal data).
2.3 Website ‒ a set of graphic and information materials, as well as computer programs and databases, ensuring their availability on the Internet at the network address https://www.elissa-llc.ru
2.4 Personal data information system ‒ the entire set of personal data contained in databases, and using information technologies and technical devices to ensure their processing.
2.5 Depersonalization of personal data ‒ actions that make it impossible to determine one’s identity through the personal data of a specific User or another personal data subject, without using additional information.
2.6 Processing of personal data ‒ any action (operation) or a set of actions (operations) performed using automated tools or without using such tools with personal data, including collection, recording, systematization, accumulation, storage, clarification (update, change), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, and destruction of personal data.
2.7 Operator ‒ a state body, a municipal body, a legal entity or an individual, that independently or jointly with other persons organize and (or) carry out the processing of personal data, as well as determine the purposes of processing personal data, the composition of personal data to be processed, and actions (operations) performed with the personal data.
2.8 Personal data ‒ any information relating directly or indirectly to a specific or identifiable User of the website https://www.elissa-llc.ru
2.9 User ‒ any visitor to the website https://www.elissa-llc.ru
2.10 Provision of personal data ‒ actions aimed at disclosing personal data to a certain person or a certain circle of persons.
2.11 Dissemination of personal data ‒ any actions aimed at disclosing personal data to an indefinite circle of persons (transfer of personal data) or at familiarization with the personal data of an unlimited number of persons, including the disclosure of personal data in the media, posting it in information and telecommunication networks or providing access to personal data in any other way.
2.12 Cross-border transfer of personal data – the transfer of personal data to the territory of a foreign state, to the authority of a foreign state, or to a foreign individual or foreign legal entity.
2.13 Destruction of personal data – any actions that result in the irrevocable destruction of personal data with the impossibility of further restoring the personal data content in the personal data information system and (or) material carriers of personal data are destroyed.
3. The Operator can process the following personal data of the User
3.1 Surname, name
3.2 Email address
3.3 Phone number
3.4 Delivery address
3.5 Purchase history
3.6 Information about the buyer's vehicle (make, year, vin number).
3.7 The site also collects and processes anonymized data about visitors (including cookies) using Internet statistics services (Yandex Metrics and Google Analytics, etc.).
4. Purposes of processing personal data
4.1 The purpose of processing the User’s personal data is to inform the User by sending e-mails, provide the User with access to all services, and information and/or materials contained on the website.
4.2 The Operator also has the right to send notifications to the User about new products and services, special offers and various events. The user can always refuse to receive informational messages by sending an e-mail to the Operator email@example.com with a note “Refusal to notify about new products and services and special offers”.
4.3 Anonymous User data collected using Internet statistics services, are used to collect information about the users' actions on the site, improve the quality of the site and its content.
5. Legal basis for the processing of personal data
5.1 The Operator processes the User’s personal data only if it is completed and/or sent by the User independently through special forms located on the website https://www.elissa-llc.ru. By filling out the appropriate forms and/or sending your personal data to the Operator, the User agrees to this Policy.
6. The procedure for the collection, storage, transfer, and other types of personal data processing.
6.1 The security of personal data processed by the Operator is ensured by organizational, legal, and technical measures necessary to fully comply with the requirements of current legislation in the field of personal data protection.
6.2 The Operator ensures the security of personal data and applies all possible measures to exclude access to personal data by unauthorized persons.
6.3 We may share your personal data or have it processed by third parties. For example, if you have ordered a delivery from our website, we will pass your details on to the delivery service.
6.4 In case any inaccuracies in personal data are revealed, the User can update them themselves by sending a notification to the Operator at the email address firstname.lastname@example.org marked ‘Personal data update’.
6.5 The time of personal data processing is unlimited. The User can withdraw their consent to personal data processing by sending a notification to the Operator, at the email address email@example.com marked ‘Withdrawal of consent to personal data processing’.
7. Cross-border transfer of personal data
7.1 Before starting a cross-border transfer of personal data, the Operator shall make sure that the foreign country of the territory, to which personal data is supposed to be transferred, provides reliable protection of the rights of the subjects’ personal data. We only transfer personal data to countries that provide adequate protection.
7.2 The cross-border transfer of personal data on the territory of a foreign country that doesn’t meet the abovementioned requirements can only be performed if the subject of the relevant personal data has given their written consent for the cross-border transfer of their personal data and/or execution of the contract with the subject of personal data as a party.
8. Final provisions
8.1 The User can get any explanation regarding points of interest about their personal data processing by addressing the Operator via email firstname.lastname@example.org.
8.2 Any amendments to the Personal Data Processing Policy made by the Operator will be recorded in this document. The Policy remains in force indefinitely until it is replaced with a new version.
8.3 The latest version of the Policy is available at free access on https://www.elissa-llc.ru/en/policy