Personal Data Processing Policy

Basic principles

This personal data processing strategy is based on the Federal Law on Personal Data (known as the Personal Data Law) and regulates the processing and protection of personal data carried out by LUX-SAFE (hereinafter referred to as the Operator).

The purpose and principles of the Operator

The main priority of the Operator is to respect the rights and freedoms of the individual when working with his personal data, as well as to protect the rights to privacy, individuality and confidentiality of family life.

Policy Application

This strategy in the field of personal data processing (hereinafter referred to as the Strategy) applies to all information that the Operator may collect from users of the site https://lux-safe.me.

The main definitions in the Policy

1. Automated processing of personal data: Automated processing of personal data is the processing of personal data using computer technology.
2. Blocking of personal data: Blocking of personal data means the temporary termination of the processing of personal data, except in cases where processing is necessary to clarify information about personal data.
3. Website: The website is a collection of graphic and informational materials, as well as computer programs and databases that ensure their availability on the Internet at a network address https://lux-safe.me.
4. Personal Data Information System: The personal data information system includes data stored in personal data databases, as well as technologies and tools for their processing.
5. Depersonalization of personal data: Depersonalization of personal data is an action that makes it impossible to identify a specific User or other personal data subject without using additional information.
6. Processing of personal data: The processing of personal data includes any operations or a set of operations carried out with personal data, both using automation tools and without them. These operations include collection, recording, systematization, accumulation, storage, clarification (updating, modification), extraction, use, transfer (distribution, provision of access), depersonalization, blocking, deletion and destruction of personal data.
7. The Operator: This is either a government agency, a municipal institution, a legal entity or an individual who, possibly in cooperation with others, organizes and/or performs data processing. They also define the purposes of this processing, what data to process and what operations to perform with this data.
8. Personal Data: This is information that is directly or indirectly related to a specific or potentially specific user of the site https://lux-safe.me.
9. Personal data allowed for distribution: This is data that the data subject has provided access to for the general public by giving his consent in accordance with the Law on Personal Data.
10. The User: This is everyone who visits the website https://lux-safe.me.
11. Provision of data: These are actions in which data becomes available to a specific person or group of people.
12. Dissemination of data: These are actions that make data available to the general public, including publication in the media, posting on the Internet or providing access in any other way.
13. Cross-border data transfer: The transfer of data outside the country may be addressed to foreign government agencies, individuals or legal entities from another country.
14. Data destruction: These are actions after which data is permanently deleted and cannot be restored, whether in an information system or on a physical medium.

3. Basic rights and obligations of the Operator

3.1. Operator Privileges

The operator has the right to:

• Receive up-to-date information and/or documentation with personal data from the person who provides such data;
• Even if the consent to data processing is revoked or if the request is received to stop processing, the Operator can continue to do so if there are grounds described in the Law on Personal Data;
• At its discretion, determine what actions are necessary to fulfill the obligations established by the Law on Personal Data, if specific actions are not defined by this Law or other laws.

3.2. Obligations of the Operator

The operator must:

• Provide information on how personal data is processed upon request;
• Follow the established data processing procedure in accordance with the laws;
• Respond to requests and questions from those whose data is being processed in accordance with the Personal Data Act;
• Provide the necessary information to the data protection authority within 10 days after the request;
• Provide free access to this Personal Data Processing Policy;
• Take measures to protect data from unauthorized access, modification, copying and other actions;
• In certain cases provided for by law, stop the transmission of data, their processing and destroy them;
• Comply with other obligations under the Personal Data Act.

4. The prerogatives and debts of the persons whose personal data are processed

4.1. Privileges of these persons

The persons whose data is being processed can:

• Receive information about how their data is processed, excluding the points defined by laws. The operator provides this information in an understandable form, excluding the data of other persons, if there are no legitimate grounds for their disclosure. The specification of the data and the procedure for their access are determined by law;
• Require correction, blocking or deletion of their data if they are incomplete, outdated, incorrect, obtained illegally or not necessary for the stated purposes. They can also use legitimate ways to protect their interests;
• To set a condition for obtaining consent before processing their data for marketing needs;
• Revoke consent to the processing of their data or request the termination of their processing;
• Challenge the actions or omissions of the Operator in the data protection authority or in court;
• Exercise other rights established by laws.

4.2. Obligations of these persons

Such persons should:

• Provide true information about themselves to the Operator;
• Inform the Operator of any changes in their data.

4.3. Responsibility for providing incorrect information

Persons who provide incorrect information or data of others without their consent are liable in accordance with the laws.

5. Basic provisions on data processing

5.1. Legality and fairness

The data is processed in accordance with the law and on a fair basis.

5.2. Goal setting

Data processing is aimed at fulfilling clearly defined and legitimate tasks. Data processing unrelated to its original purpose is not allowed.

5.3. Database compatibility

Combining databases with different processing purposes that are incompatible with each other is prohibited.

5.4. Data relevance

5.4. Data relevance

Only those data that correspond to the purposes of their collection are subject to processing.

5.5. Data adequacy

The data must meet and not exceed the set goals. Redundant data is not processed.

5.6. Accuracy and relevance

The data must be accurate, relevant and, if necessary, updated. The operator takes steps to correct or delete inaccurate data.

5.7. Shelf life

The data is stored in such a way that it is possible to identify a person no longer than is required for processing purposes. After achieving these goals, or if their achievement is no longer required, the data is deleted or depersonalized, unless otherwise provided by law.

6. Data processing requirements

6.1. Consent to processing

Personal data is processed only with the permission of the person to whom this data relates.

6.2. Processing purposes

The data may be processed in accordance with international agreements or laws, as well as to fulfill obligations defined by laws for the operator.

6.3. Justice and law enforcement

The processing of personal data may be necessary to comply with laws, enforce court decisions or other official acts.

6.4. Contractual relations

Data processing is necessary for the fulfillment or conclusion of a contract in which the person who provided the data participates, or on his initiative.

6.5. Protection of interests

Personal data may be processed to protect the interests of the operator, third parties, or to serve the public interest, provided that human rights and freedoms are respected.

6.6. Publicly available data

Data that has been made available to all users or at the request of the subject itself can be processed.

6.7. Legislative disclosure

Data may be processed if they are required to be published or disclosed in accordance with the law.

7. Methods of processing and protection of personal data

The Operator guarantees the security of the personal data being processed by applying legal, administrative and technical measures in accordance with the current requirements of personal data protection laws.

7.1. Data protection from unauthorized access

The Operator takes all measures to prevent access to data by persons who do not have the right to do so.

7.2. Restrictions on data transfer

User data is not disclosed to third parties, except in cases provided for by law or with the permission of the data subject in order to fulfill certain obligations.

7.3. Data correction

If errors are found in their data, the user can correct them by sending an appropriate message to the Operator's e-mail with the subject "Updating personal data" to the address info@lux-safe.me.

7.4. Duration of data processing

7.4. Duration of data processing

The period of processing of personal data depends on the purposes for which the data was collected, unless another period is established by contract or legislation.

The User has the right to revoke his consent to data processing at any time by sending an email to the Operator at info@lux-safe.me with the topic "Revocation of consent to the processing of personal data".

7.5. Data collected by third-party services

Information received through external services, such as payment systems, communication providers and others, is processed by these services in accordance with their terms and privacy policy. The Operator is not responsible for the actions of these third-party organizations.

7.6. Restrictions on data processing

Any restrictions imposed by the data owner regarding the transfer or conditions for processing personal information available for publication do not apply when processing data in the interests defined by the laws of the Russian Federation, such as state or public interests.

7.7. Confidentiality of data

In the process of working with personal data, the Operator guarantees their confidentiality.

7.8. Delivery Details

When organizing the delivery of goods, the Operator collects information about the destination and the addressee to optimize the route. Delivery is made using various carriers and courier services. Tariffs depend on the size, weight of the cargo and distance from the sender. Special conditions apply for products of non-standard sizes, the cost of which can be found on the website of NHV-Oversized.

7.9. Data storage

The Operator stores personal information in a form that allows identification of the data owner only for the period necessary for processing purposes unless a specific deadline is specified by law or by a contract in which the data owner participates.

7.10. Completion of data processing

The processing of personal data can be completed for a variety of reasons: the purposes for which the processing was carried out have been achieved, the validity period of the processing permit has expired, consent has been withdrawn or a request for termination of processing has been received, as well as in the event of violations in data processing.

8. List of the Operator's actions with personal data

8.1. The Operator applies the following actions to personal information:

• Collection and recording
• Systematization

• Accumulation
• Storage
• Modification (including updating and correction)
• Extraction and use
• Transmission (including distribution, provision and provision of access)
• Depersonalization
• Blocking
• Removal
• Destruction

8.2. Automatic data processing

The Operator applies automatic methods of processing personal data, which may include data transmission through information and telecommunication networks or without their use.

9. Transfer of personal data across borders

9.1. Notification before cross-border transfer

Before starting operations on the cross-border transfer of personal information, the Operator must inform the relevant authority responsible for data protection about its plans in this regard. This notification is sent separately from the notification of the intention to process personal data.

9.2. Preliminary information

Before sending a notification, the Operator is obliged to receive information from the authorities of a foreign state, foreign citizens or legal entities to whom data transfer is planned.

10. Privacy of personal information

The operator, as well as any persons who have been granted access to personal data, must not transfer or distribute this information to third parties without the permission of the data owner, except in cases provided for by law.

11. Conclusion

11.1. Contact information

If you have any questions regarding the processing of your personal data, the user can contact the Operator by e-mail info@lux-safe.com

11.2. Document updates

All changes regarding the personal data processing policy will be reflected in this document. This document will be valid until it is updated.

11.3. Current policy version

The current version of the privacy policy can be found on the Internet at the link https://lux-safe.me/privacy