1. Purpose and scope of the document
1.1. “Policy of IP K T.I. (hereinafter referred to as “The Crypto academy” regarding the processing of personal data” (hereinafter referred to as the Policy) determines the position and intentions of The Crypto academy in the field of processing and protection of personal data, in order to respect and protect the rights and freedoms of everyone rights and, in particular, the right to privacy, personal and family secrets, protection of one's honor and good name.
1.2. The policy is strictly enforced by the individual entrepreneur and employees of The Crypto academy.
1.3. The Policy applies to all personal data of subjects processed by The Crypto academy using automation tools and without the use of such tools.
1.4. Any subject of personal data has access to this Policy.
2.1. Personal data - any information relating to a directly or indirectly identified or identifiable natural person (citizen). Those. such information, in particular, may include: full name, year, month, date and place of birth, address, information about family, social, property status, information about education, profession, income, information about the state of health, as well as other information.
2.2. Processing of personal data - any action (operation) or a set of actions (operations) with personal data performed using automation tools or without the use of such tools. Such actions (operations) include: collection, receipt, recording, systematization, accumulation, storage, clarification (updating, changing), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction of personal data .
3. Subjects of personal data - The Crypto academy. processes personal data of the following persons:
entities with which contracts of a civil law nature have been concluded;
clients of The Crypto academy.;
registered users of the site www.thecryptoacademy.finance
representatives of legal entities;
suppliers (individual entrepreneurs).
4. Principles and conditions for the processing of personal data
4.1. Under the security of personal data The Crypto academy. understands the protection of personal data from unauthorized or accidental access to them, destruction, modification, blocking, copying, provision, distribution of personal data, as well as from other illegal actions in relation to personal data and takes the necessary legal, organizational and technical measures to protect personal data.
4.2. Processing and security of personal data The Crypto academy. is carried out in accordance with the requirements of the Constitution of the Russian Federation, Federal Law No. 152-FZ “On Personal Data”, by-laws, other federal laws of the Russian Federation that determine the cases and features of the processing of personal data, guidelines and methodological documents of the FSTEC of Russia and the FSB of Russia.
4.3. When processing personal data, The Crypto academy. adheres to the following principles:
legitimacy and fairness;
limiting the processing of personal data to the achievement of specific, predetermined and legitimate purposes;
preventing the processing of personal data that is incompatible with the purposes of collecting personal data;
preventing the merging of databases containing personal data, the processing of which is carried out for purposes that are incompatible with each other;
processing of personal data that meet the purposes of their processing;
4.4. The Crypto academy processes personal data only if at least one of the following conditions is met:
processing of personal data is carried out with the consent of the subject of personal data to the processing of his personal data;
the processing of personal data is necessary to achieve the goals provided for by law, to implement and fulfill the functions, powers and duties assigned by the legislation of the Russian Federation to the operator;
the processing of personal data is necessary for the performance of an agreement to which the personal data subject is a party or beneficiary or guarantor, as well as to conclude an agreement on the initiative of the personal data subject or an agreement under which the personal data subject will be the beneficiary or guarantor;
the processing of personal data is necessary to exercise the rights and legitimate interests of The Crypto academy or third parties, or to achieve socially significant goals, provided that the rights and freedoms of the subject of personal data are not violated;
processing of personal data is carried out, access of an unlimited circle of persons to which is provided by the subject of personal data or at his request;
processing of personal data subject to publication or mandatory disclosure in accordance with federal law is carried out.
4.5. The Crypto academy has the right to entrust the processing of personal data of citizens to third parties, on the basis of an agreement concluded with these persons.
Persons processing personal data on behalf of The Crypto academy undertake to comply with the principles and rules for the processing and protection of personal data provided for by Federal Law No. 152-FZ “On Personal Data”.
For each person, a list of actions (operations) with personal data that will be performed by a legal entity processing personal data, the purposes of processing, the obligation of such a person to maintain confidentiality and ensure the security of personal data during their processing, as well as requirements for the protection of processed personal data are specified. data.
4.6. In cases established by the legislation of the Russian Federation, The Crypto academy. I. has the right to transfer personal data of citizens.
4.7. For the purpose of information support of The Crypto academy, public sources of personal data of employees, including directories and address books, may be created. With the consent of the employee, public sources of personal data may include his last name, first name, patronymic, date and place of birth, position, contact phone numbers, e-mail address. Information about the employee must be excluded from publicly available sources of personal data at any time at the request of the employee or by decision of the court or other authorized state bodies.
4.8. The Crypto academy destroys or depersonalizes personal data upon reaching the purposes of processing or in case of loss of the need to achieve the purpose of processing.
5. Rights of the subject of personal data
A citizen whose personal data is processed by The Crypto academy has the right to:
receive from The Crypto academy:
confirmation of the fact of processing personal data by The Crypto academy;
legal grounds and purposes of personal data processing;
information about the methods of processing personal data used by The Crypto academy;
the name and location of The Crypto academy;
information about persons who have access to personal data or to whom personal data may be disclosed on the basis of an agreement with The Crypto academy or on the basis of federal law;
a list of processed personal data relating to the citizen from whom the request was received and the source of their receipt, unless a different procedure for providing such data is provided by federal law;
information about the terms of processing personal data, including the terms of their storage;
information on the procedure for the exercise by a citizen of the rights provided for by the Federal Law "On Personal Data" No. 152-FZ;
information about the ongoing or proposed cross-border transfer of personal data;
the name and address of the person who processes personal data on behalf of The Crypto academy;
other information provided for by the Federal Law "On Personal Data" No. 152-FZ or other federal laws;
demand clarification of their personal data, their blocking or destruction if the personal data is incomplete, outdated, inaccurate, illegally obtained or not necessary for the stated purpose of processing;
withdraw your consent to the processing of personal data;
demand the elimination of illegal actions
The Crypto academy in relation to his personal data;
appeal against the actions or inactions of The Crypto academy. to the Federal Service for Supervision of Communications, Information Technology and Mass Communications
(Roskomnadzor) or in court if a citizen believes that The Crypto academy is processing his personal data in violation of the requirements of Federal Law No. 152-FZ “On Personal Data” or otherwise violates his rights and freedoms;
to protect their rights and legitimate interests, including compensation for losses and / or compensation for moral damage in court.
In case of failure to comply with the provisions of this Policy, The Crypto academy is liable in accordance with the current legislation of the Russian Federation.
DRAW YOUR ATTENTION TO
Get clarifications on the issues of your personal data processing that are of interest to you by contacting The Crypto academy personally or by sending an official request by Russian Post to The Crypto academy.
If an official request is sent to The Crypto academy, the text of the request must include:
number of the main document proving the identity of the subject of personal data or his representative, information on the date of issue of the said document and the authority that issued it;
information confirming your participation in relations with The Crypto academy. or information otherwise confirming the fact of processing personal data by The Crypto academy;
signature of the citizen (or his legal representative). If the request is sent electronically, then it must be executed in the form of an electronic document and signed with an electronic signature in accordance with the legislation of the Russian Federation.
The website www.thecryptoacademy.finance publishes the current version of The Crypto academy's Personal Data Processing Policy.
Information on the implemented requirements for the protection of personal data The Crypto academy, when processing personal data, takes the necessary legal, organizational and technical measures to protect personal data from unauthorized or accidental access to them, destruction, modification, blocking, copying, provision, distribution of personal data, and also from other illegal actions in relation to personal data.
Such measures in accordance with Federal Law No. 152-FZ “On Personal Data” include:
determination of threats to the security of personal data during their processing in information systems of personal data;
application of organizational and technical measures to ensure the security of personal data during their processing in personal data information systems necessary to meet the requirements for the protection of personal data, the implementation of which ensures the levels of protection of personal data established by the Government of the Russian Federation;
the use of information security tools that have passed the conformity assessment procedure in accordance with the established procedure;
assessment of the effectiveness of the measures taken to ensure the security of personal data prior to the commissioning of the personal data information system;
detection of facts of unauthorized access to personal data and taking measures;
recovery of personal data modified or destroyed due to unauthorized access to them;
establishing rules for access to personal data processed in the personal data information system, as well as ensuring the registration and accounting of all actions performed with personal data in the personal data information system;
control over the measures taken to ensure the security of personal data and the level of security of personal data information systems;
accounting of machine carriers of personal data;
placement of technical means for processing personal data within the protected area;
maintenance of technical means of protection, signaling in constant readiness;
monitoring user actions, conducting proceedings on violations of personal data security requirements
In order to coordinate actions to ensure the security of personal data, The Crypto academy has appointed persons responsible for ensuring the security of personal data.