Informations Légales | Bellerage

Personal Data Processing and Protection Policy





1. Purposes and Scope

1.1. This Personal Data Processing and Protection Policy (hereinafter referred to as the “Policy”) is adopted and enforced by Bellerage Outsourcing and Consulting Limited Liability Company, TIN 7707743155, located at: 115054, Moscow, Shchipok St., 11, building 1 (“Operator”).

1.2. This Policy is a publicly available document of the Operator and provides for the possibility of free access to it by all third parties.

1.3. All terms and definitions used in this Policy are used in the same meaning as in the Federal Law “On Personal Data” No. 152-FZ.

1.4. The scope of this Policy extends to the processing of personal data of all individuals (hereinafter referred to as “Subject”) who provide the Operator with their personal data, including - employees of the Operator and its clients, as well as - individuals who provide their personal data on a voluntary basis for the purpose of participating in events organized and conducted by the Operator, including events for the personnel recruitment by the Operator, obtaining assistance from the Operator in establishing business contacts by the Subject in areas of interest.

1.5. The scope of this Policy extends to all structural units of the Operator, including its separate subdivisions, as well as to all third parties involved in the process of processing personal data by the Operator, including the transfer of personal data to them based on concluded agreements or assignments for the processing of personal data.

2. Procedures and Scope of Personal Data Processing

2.1. Processing of personal data is carried out by the Operator either with or without the use of automation means.

2.2. Processing of personal data by the Operator includes collection, recording, systematization, storage, clarification (updating, modification), extraction, use, transfer (distribution, provision, access), blocking, deletion, and destruction of personal data.

2.3. The content and scope of personal data being processed are determined by the Operator based on the purpose of processing. The purposes of processing personal data by the Operator include:

2.3.1. Registration of the Subject on the Operator’s website and for providing the Subject with access to its separate sections;

2.3.2. Providing the Subject with information about the Operator, its services, and events;

2.3.3. Responding to inquiries from the Subject and providing answers to requests for additional information;

2.3.4. Organizing the Subject’s participation in events and surveys conducted by the Operator;

2.3.5. Sending news materials to the Subject;

2.3.6. Distributing requested reference materials;

2.3.7. Entering into an agreement;

2.3.8. Performing client’s onboarding procedures;

2.3.9. Developing services and areas of activity of the Operator (in particular, determining customer needs and opportunities for improving the efficiency and quality of service delivery);

2.3.10. Implementing measures to ensure security, quality, and risk management, including detection, investigation, and elimination of security threats.

2.3.11. Providing and receiving professional services;

2.3.12. Other purposes with the consent of the Subject;

2.3.13. Achieving other goals that do not contradict the law.

2.4. The Operator does not process special categories of personal data relating to racial and ethnic origin, political opinions, religious and philosophical beliefs, health, intimate life, and criminal record of individuals, except when the Subject has given their written consent to the processing of such data.

2.5. The Operator does not carry out cross-border transfer of personal data, unless the Subject has given their written consent to this.

2.6. The Operator does not process biometric personal data, except when the Subject has given their written consent to the processing of such data.

2.7. When processing personal data, the Operator ensures the accuracy of personal data, their sufficiency, and relevance to the purposes of processing. Upon discovering inaccurate or incomplete personal data, their clarification and updating is carried out.

2.8. Confidentiality is ensured for personal data that is not publicly available.

2.9. Processing and storage of personal data are carried out within the period necessary for the purposes of processing personal data, if there are no legal grounds for further processing of personal data, for example, if their storage period is not established by federal law, by an agreement with the Subject, or by the consent of the Subject. Processed personal data is subject to destruction upon the occurrence of the following conditions:

  • Achievement of the purposes of processing personal data or the maximum storage period - within 30 calendar days;
  • Loss of necessity to achieve the purposes of processing personal data - within 30 calendar days;
  • The Subject or their legal representative providing confirmation that the personal data was obtained unlawfully or is not necessary for the stated purpose of processing - within 7 calendar days;
  • The Subject withdrawing their consent to the processing of personal data - within 30 calendar days;
  • Liquidation (reorganization) of the Operator;
  • Other cases specifically provided for by law.

3. Ensuring the Security of Personal Data

3.1. The Operator takes the necessary legal, organizational, and technical measures, implements requirements for the protection of personal data to ensure the security of personal data, to protect it from unauthorized (including accidental) access, destruction, modification, blocking of access, and other unauthorized actions. Such measures include, in particular:

  • Appointing employees responsible for organizing the processing and ensuring the security of personal data;
  • Checking the presence of clauses on ensuring the confidentiality of personal data in agreements and including them, if necessary, in agreements;
  • Issuing local acts on issues of personal data processing, familiarizing employees and other persons with them;
  • Ensuring the physical security of premises, places of storage of personal data, and processing facilities;
  • Limiting and differentiating access of employees and other persons to personal data and processing facilities, monitoring operations with personal data;
  • Using security tools (anti-virus software, unauthorized access protection tools);
  • Backing up information for the possibility of recovery;
  • Carrying out internal control over compliance with the established procedures, checking the effectiveness of the measures taken.

4. Rights of Data Subjects

4.1. The Subject has the right to withdraw consent to the processing of personal data by sending a corresponding request to the Operator in the form of an original by mail or provided in person to the Operator, as well as it can be sent in the form of a scanned copy to the email address russia@bellerage.com.

4.2. The Subject has the right to receive information relating to the processing of their personal data, including containing:

  • Confirmation of the fact of processing personal data by the Operator;
  • Legal grounds and purposes of processing personal data;
  • Purposes and methods of processing personal data used by the Operator;
  • Name and location of the Operator, information about individuals (except for employees of the Operator) who have access to personal data or to whom personal data may be disclosed based on an agreement with the Operator or based on federal law;
  • Processed personal data relating to the corresponding data subject, the source of their obtaining, if a different procedure for providing such data is not provided by federal law;
  • Terms of processing personal data, including their storage period;
  • The procedure for exercising the rights of the data subject provided for in the Federal Law “On Personal Data”;
  • • Information about the carried out or planned cross-border data transfer;
  • Name or surname, first name, patronymic, and address of the person processing personal data on behalf of the Operator, if processing is entrusted or will be entrusted to such a person;
  • Other information provided for by law.

4.3. The Subject has the right to demand from the Operator that their personal data be clarified, blocked, or destroyed if the personal data is incomplete, outdated, inaccurate, obtained unlawfully, or is not necessary for the stated purpose of processing, as well as to take measures provided for by law to protect their rights.

4.4. If the Subject believes that the Operator is processing their personal data in violation of the requirements of the law or is otherwise violating their rights and freedoms, the data subject has the right to challenge the actions or inaction of the Operator to the authorized body for the protection of the rights of data subjects or in court.

4.5. The data subject has the right to protect their rights and legitimate interests, including to seek compensation for damages and (or) compensation for moral harm in court.

5. Other Provisions

5.1. Control over the implementation of the requirements of this Policy is carried out by the person responsible for organizing the processing of personal data at the Operator within their powers.

5.2. The Operator, its officials, and employees bear civil and other liability for non-compliance with the procedures, scope, and conditions of processing personal data, as well as for disclosure or illegal use of personal data in accordance with the law.

5.3. You can contact the Operator with a request or complaint regarding the processing of your personal data by sending us a letter with the subject line “Request for Personal Data” indicating the purposes for providing us with your data and the operations carried out by the Operator for their processing to the email address: russia@bellerage.com or to the address: 115054, Moscow, Shchipok St., 11, building 1.The Operator may request additional information regarding your request, which is necessary to prepare a response.

5.4. This Policy is reviewed and updated by the Operator as needed. In case of a conflict of versions of the Policies, the Policy posted on the Operator’s website is considered current.

5.5. Suggestions for improving this Policy can be sent to the email address russia@bellerage.com.

Nous sommes ouverts aux nouvelles idées et solutions, ainsi qu'à vos questions Laissez-nous vos coordonnées, nous vous recontacterons dans les meilleurs délais
Merci!

Nous reviendrons vers vous sous peu

Laissez-nous votre adresse e-mail pour rester à jour
Bellerage Online©
Leadership technologique dans l'externalisation financière

Bellerage Online© vous permet une interaction rapide et efficace avec votre partenaire d’externalisation. Surveillez les indicateurs financiers et processus administratifs à tout moment et de n'importe où dans le monde.

Accessible via une interface web ou une application mobile, notre plateforme unique vous permet de

  • Communiquer avec votre consultant, créer des demandes et évaluer nos services en temps réel,
  • Soumettre des documents pour traitement,
  • Accéder aux documents dans votre bibliothèque en ligne,
  • Signer des documents de manière électronique,
  • Automatiser et contrôler les processus métiers de votre entreprise,
  • Analyser vos chiffres financiers à l'aide de rapports en ligne dynamiques.

Bellerage Online© est gratuit pour nos clients et accessible à un nombre illimité d'utilisateurs – du personnel opérationnel aux représentants du siège. Disponible en version anglaise et russe.

Sorry

Your browser is not supported