Rules

processing of personal data

The rules for processing personal data of the Limited Liability Company "Digital Nomad" (abbreviated name - LLC) have been developed in accordance with the provisions of the legislation of the Russian Federation and the Rules for using the Application Service, posted on the website digital-nomad.gr at: https://digital-nomad.gr/policy.html.

The PDn Rules are an appendix to the Rules for using the Application Service and an integral part thereof. By accepting the terms of the Rules for using the Application Service, the User automatically accepts the terms of these PDn Rules.

Terms and definitions.

Parties – Administration and any User registered in the Application.
Personal data (PD) – any information directly or indirectly related to a specific
or identifiable individual (subject of personal data). Personal data processing — any action (operation) or set of actions (operations) performed with or without the use of automation tools with personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, modification), retrieval, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction of personal data.
Dissemination of personal data — actions aimed at disclosing personal data to an indefinite number of persons.
Provision of personal data — actions aimed at disclosing personal data to a specific person or a specific number of persons.
Blocking of personal data — temporary cessation of processing of personal data (except in cases where processing is necessary to clarify personal data);
Destruction of personal data — actions that make it impossible to restore the contents of personal data in the personal data information system and (or) that destroy the tangible media of personal data;
Depersonalization of personal data — actions that make it impossible to determine the ownership of personal data by a specific personal data subject without using additional information.
Information — data (messages, data) regardless of the form of their presentation.
Documented information — information recorded on a tangible medium by documenting with details that make it possible to identify such information or its tangible medium.
Confidentiality of personal data — a requirement that the Administration or another person who has access to personal data must comply with to prevent their dissemination without the consent of the personal data subject or the presence of another legal basis.

1. General Provisions.

1.1. The PDn Rules establish the obligations of the Administration to non-disclosure and ensure the protection of the privacy of personal data, which the User provides.
1.2. The use of the Service by the User means consent to the PDn Rules and the terms of processing of the User's personal data by the Administration.
In case of disagreement with the terms of the PDn Rules, the User undertakes to stop using the Service.
1.3. Personal data permitted for processing within the framework of these PDn Rules are provided by the User voluntarily by filling in various forms when registering in the Application and using the Service and include the following information: last name, first name, patronymic, date, month and year of birth, details of the identity document (passport), TIN number, photo and video of their personal image, telephone number, registration address, other similar information provided by the User about themselves, and on the basis of which the identification of the subject of personal data is possible.
1.4. The Administration has the right to carry out with the received personal data of Users all legal necessary actions related exclusively to achieving the goals specified in Section 2 of the Rules.

2. Basic principles and purposes of collecting personal information.

2.1. The Administration processes personal data that is necessary to provide the Service to the User.
2.2. The User hereby instructs the Administration and agrees that the Administration:

- processes the User's personal data for the purpose of providing access to the Service and its functionality, checking, researching and analyzing such data, allowing to maintain and improve the current functionality of the Service, develop new functionality, as well as for other purposes provided for by these PDn Rules;
- takes all necessary measures to protect the User's personal data from unauthorized access, modification, disclosure or destruction;
- provides access to the User's personal data only to those employees, contractors and agents of the Administration who need this information to ensure the functioning of the Service and provide Users with access to its use;
- will and has the right to use the information provided by the User, including personal data, in order to ensure compliance with the requirements of the current legislation of the Russian Federation (including for the purpose of preventing and/or suppressing illegal and/or unlawful actions Users).

2.3. Principles of processing personal data of Users:

- personal data must be processed solely on legal grounds and in the interests of Users;
- personal data must be processed limited to achieving specific legal purposes;
- when processing personal data, the accuracy, sufficiency, and, where necessary, relevance of personal data are ensured;
- personal data must be stored in a form that allows identifying the subject of personal data, no longer than required by the purposes of processing personal data.

2.4. The User's personal data is processed by the Administration for the following purposes:

- execution of agreements with the User on providing access to the functionality of the Service, for the administration of the Service;
- identification of the User upon registration in the Application and authentication of the User when using the Service;
- provision of services, processing requests and applications from the User;
- establishing feedback with the User, including sending notifications and requests;
- confirmation of the completeness of the personal data provided by the User;
- conclusion of contracts with the User, implementation of mutual settlements;
- collection of statistics;
- improvement of the quality of the Service, its ease of use and development of new services and services;
- conducting marketing (advertising) events, sending offers, promotion on the services market by implementing direct contacts with a potential consumer.

2.5. The User is aware and agrees that for the purposes provided for in the PDn Rules, the Administration has the right to:

- collect and use additional information related to the User, obtained during the User's access to the Service or from third parties, and including data on technical means (including mobile devices) and methods of technological interaction with the Service (including the host IP address, the User's operating system type, browser type, geographic location, provider data, etc.), on the User's activity on the Service, Cookies, information on errors issued to Users, on downloaded files, videos, tools, as well as other data obtained in the ways established by the PDn Rules;
- manage statistical information related to the functioning of the Service, as well as information from Users for the purposes of organizing the functioning and technical support of the Service and fulfilling the terms of these Rules.

3. Terms of personal information processing.

3.1. The User's personal data shall be processed within the timeframes specified in clause 3.5 of the PDn Rules, in any legal manner, including in personal data information systems, using automation tools (in the form of electronic images of documents), except for cases when non-automated processing of personal data is necessary in connection with the implementation of legal requirements. The processing of Users' personal data shall be carried out in accordance with the Constitution of the Russian Federation, Federal Law of 27.07.2006 No. 152-FZ "On Personal Data", and these PDn Rules.
3.2. The source of information about all personal data of the User is the User of the Service directly. By filling out any form and/or attaching a file when registering in the Application and when using the Service, the User thereby gives consent to the processing of his personal data for the purposes specified in Section 2 of the PDn Rules. The User confirms the rights and obligations with respect to the account created in this manner.
3.3. The User's personal information is kept confidential, except in cases where the User voluntarily provides information about himself/herself for general access to an unlimited number of persons. When using the Service, the User agrees that, as a result of the User's actions, a certain part of his/her personal information becomes publicly available to other Users of the Service and Internet users, and can be copied and/or distributed by such Users, taking into account the available privacy settings.
The following personal information of Users is publicly available, in particular: last name, first name, patronymic, telephone number, passport series and number, covered by a mask (for example, 65** 04***2).
3.4. The Administration takes the necessary organizational and technical measures to protect the User's personal information from unauthorized or accidental access, destruction, modification, blocking, copying, distribution, as well as from other illegal actions of third parties.
3.5. The Administration stores information about the User for the period of the latter's access to the Service, as well as 3 (three) months from the date of termination of such access for any reason. If the Administration receives an application from the User to revoke consent to the processing of PD, the Administration stops processing the User's PD from the date specified in the application, but not earlier than the date following the date of actual receipt of the revocation by the Administration.
3.6. The Administration stores the personal data of the User and his employees. At the same time, the User guarantees that he has received the consent of each of his employees to transfer his personal data to the Administration.
The Administration, being the processor of personal data on behalf of the User, is not obliged to obtain the consent of the User's employees to process their personal data. By unconditionally accepting the terms of these Rules, the User confirms that he/she has received in advance the consent of his/her employees to transfer their personal data to the Administration.
The User shall bear responsibility to the User's employees whose personal data is processed by the Administration on behalf of the User.
The Administration processes the personal data of the User's employees in full accordance with the provisions provided for in these Rules.
3.7. The Administration processes personal data in the following ways: collection, recording, systematization, accumulation, storage, clarification (updating, modification), retrieval, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction of the User's personal data.
The storage of Users' Personal Data is carried out exclusively on electronic media and is processed using automated systems, except for cases when non-automated processing of personal data is necessary in connection with the implementation of legal requirements.
3.8. The Administration may transfer Users' personal data, including cross-border transfer to the territory of foreign states, subject to obtaining the User's consent and ensuring the necessary protection of the rights of personal data subjects, to the Administration's counterparties, who are engaged by the Administration to provide services to maintain the proper technical condition, operability, modification of the Service. At the same time, the storage of personal data of citizens of the Russian Federation abroad is not carried out.
3.9. If the User does not agree with the processing of his personal data, including biometric data, by the Administration, the User must not publish this information or communicate this data when registering in the Application and using the Service. As soon as the User provides his personal data, including biometric data, when registering in the Application and using the Service, they will be available to the Administration and other users of the Service.

4. Obligations of the parties.

4.1. The user is obliged to:

- Provide correct information about personal data necessary for the purposes specified in Section 2 of the Personal Data Rules.
- Update, supplement the provided information about personal data in the event of a change in this information.

4.2. The Administration is obliged to:

- Use the information received solely for the purposes specified in Section 2 of the Personal Data Rules.
- Ensure that confidential information is kept secret.
- Take precautions to protect the confidentiality of the User's personal data in accordance with the procedure usually used to protect such information in existing business practices.
- Block personal data related to the relevant User from the moment of the User's request or appeal, or their legal representative, or authorized body for the protection of the rights of personal data subjects, for the verification period, in the event of detection of inaccurate personal data or illegal actions.

4.3. When processing personal data, the Administration is obliged to take the necessary legal, organizational and technical measures to protect personal data from unauthorized, illegal or accidental access to them, destruction, modification, blocking, copying, provision, distribution of personal data, as well as from other illegal actions in relation to personal data, by:

- development and implementation in the organization of documents regulating work with PDn;
- restrictions and regulations of the composition of employees with access to personal data;
- implementation of a permit system for User access to information resources, software and hardware for processing and protecting information;
- implementation of anti-virus control, prevention of the introduction of malicious programs (virus programs) and software backdoors into the corporate network;
- detection of intrusions into the corporate network of the Administration that violate or create preconditions for the violation of established requirements for ensuring the security of personal data;
- backup copying of information.

4.4. When determining the volume and content of processed personal data, the Administration is guided by the Constitution of the Russian Federation, the Federal Law of 27.07.2006 No. 152-FZ "On Personal Data", these Rules of PDn.
4.5. The Administration undertakes to ensure the prevention of unauthorized and non-targeted access to the personal data of the Service Users.
In this case, authorized and targeted access to the personal data of the Service Users will be considered access by persons authorized by the Administration within the framework of the goals of the activities and subject matter of the Service.

5. Liability of the parties and dispute resolution.

5.1. The Administration that has failed to fulfill its obligations is liable to the User for direct actual damage in connection with the illegal use of personal data in accordance with the legislation of the Russian Federation.
5.2. In the event of loss or disclosure of personal data, the Administration is not liable if this information:

- became publicly known prior to its loss or disclosure;
- was received from a third party prior to its receipt by the Administration;
- was disclosed with the consent of the User.

5.3. The current legislation of the Russian Federation shall apply to the Personal Data Rules and the relations between the User and the Administration.
In the event of any disputes or disagreements related to the implementation of the Personal Data Rules, the User and the Administration will make every effort to resolve them by negotiating between them. If the disputes are not resolved by negotiations, the disputes shall be resolved in accordance with the current legislation of the Russian Federation.
5.4. Before filing a claim in court for disputes arising from the relations between the User and the Administration, it is mandatory to file a claim.
The recipient of the claim, within 10 (ten) days from the date of receipt of the claim, shall notify the claimant in writing of the results of its consideration.
If no agreement is reached, the dispute will be referred to a judicial body for consideration in accordance with the current legislation of the Russian Federation.

6. Final Provisions.

6.1. These PD Rules are valid for an indefinite period, and in terms of the User's consent to the processing of PD - until it is revoked by the User by sending a corresponding notice to the Administration's e-mail address, as well as by written request to the legal address of the Administration. The selected method of contact must guarantee the ability of the Administration to reliably identify the person who has applied.
6.2. The PD Rules are an open and publicly available document, located on the website digital-nomad.gr at the address: https://digital-nomad.gr/policy.html.
6.3. The User may contact the Administration with a request for clarification, change, blocking, revocation, etc. your personal data to the email address info@digital-nomad.gr.

Limited Liability Company
Tel: +30-694-924-78-17
E-mail: info@digital-nomad.gr