Ru
About the Foundation
News
Contacts
+7 (495) 660 24 40 charity@cherkizovo.com

Privacy Policy

1. General Provisions 2. Terms and Definitions 3. Personal Data Processing Purposes 4. Categories of Personal Data Subjects and Categories of Personal Data Processed 5. Legal Grounds for Processing Personal Data 6. Periods of Processing and Storage of Personal Data 7. Procedure and Conditions for Processing Personal Data 8. Cookies 9. Termination of Processing and Destruction of Personal Data 10. Cross-Border Transfer of Personal Data 11. Procedure for Handling Requests from Personal Data Subjects 12. Final Provisions
1. General Provisions

This Personal Data Processing Policy has been drawn up in accordance with the requirements of Federal Law No. 152-ФЗ dated 27.07.2006 On Personal Data, and defines the purposes, procedure, conditions for processing personal data, and measures to ensure the security of personal data undertaken by the Operator, Cherkizovo Charitable Foundation (TIN 9718286987, PSRN 1257700431768), legal address: 107143, Moscow, Intracity Territory Municipal District Metrogorodok, 5 Permskaya str., bld. 1) (hereinafter referred to as the Operator).

1.1. The Operator's most important goal and condition for its activities are to observe human and civil rights and freedoms when processing personal data, including the protection of rights to privacy, personal, and family secrets.
1.2. This Operator's policy regarding the processing of personal data (hereinafter referred to as the Policy) applies to all information that the Operator may obtain from personal data subjects, including through the website cherkizovo-foundation.com.


2. Terms and Definitions

The following terms are used in the Policy:

2.1. Automated processing of personal data means processing of personal data by means of computer technology;

2.2. Blocking of personal data means temporary termination of personal data processing (except when processing is necessary to clarify personal data);

2.3. Website means a set of graphic and informational materials, as well as programs for computers and databases, making them available on the Internet at the network address cherkizovo-foundation.com;

2.4. Information system of personal data means a set of personal data contained in databases of personal data, and providing information technology and technical means for its processing;

2.5. Depersonalization of personal data means actions that make it impossible to determine, without the use of additional information, whether the personal data belongs to a particular user or another personal data subject;

2.6. Personal data processing means any action (operation) or a set of actions (operations) carried out with personal data with or without the automation tools, including collection, recording, systematization, accumulation, storage, clarification (update, modification), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction of personal data;

2.7. Operator means a state body, municipal authority, legal entity or individual, independently or together with other persons organizing and (or) carrying out the processing of personal data, as well as defining the purpose of personal data processing, the composition of personal data to be processed, actions (operations) performed with personal data;

2.8. Personal data (PD) mean any information relating directly or indirectly to a specific or identifiable personal data subject;

2.9. User means any visitor to the website https://cherkizovo-foundation.com/;

2.10. Provision of personal data means actions aimed at the disclosure of personal data to a certain person or a certain circle of people;

2.11. Distribution of personal data means any action aimed at the disclosure of personal data to an indefinite range of persons (transfer of personal data) or to familiarize with personal data to an unlimited number of persons, including the publication of personal data in the media, placing in information and telecommunications networks or provide access to personal data in any other way;

2.12. Personal data subject means an individual who is directly or indirectly identified or identifiable based on personal data relating to them;

2.13. Cross-border transfer of personal data means the transfer of personal data to a foreign country to a foreign authority, a foreign individual or a foreign legal entity;

2.14. Destruction of personal data means any action resulting in the destruction of personal data irretrievably with the inability to further restore the content of personal data in the information system of personal data and (or) the destruction of the material media for personal data;

2.15. Cookies — files that are placed (saved) on the User's device and may contain: identifiers, device and browser information, settings personalization, behavior analysis;

2.16. Foundation means Cherkizovo Charitable Foundation.

Unmentioned terms are used in the meaning defined by the legislation of the Russian Federation.


3. Personal Data Processing Purposes

3.1. The Operator processes personal data for the following purposes:

3.1.1. organizing assistance to the Foundation's beneficiaries in accordance with its statutory activities;

3.1.2. preparation, conclusion, performance, and termination of contracts;

3.1.3. execution of powers of attorney;

3.1.4. verification of the Counterparty's reliability, including the assessment and management of legal, reputational, and compliance risks;

3.1.5. collection and analysis of proposals for new Foundation projects, operation of the Foundation's official website, including collection of statistics on its use;

3.1.6. selection of candidates for vacant positions;

3.1.7. organization, provision, and regulation of employment and directly related relationships;

3.1.8. ensuring the effectiveness of business communications;

3.1.9. organizing access to the territory and premises.


4. Categories of Personal Data Subjects and Categories of Personal Data Processed

4.1. For the stated purposes, the Operator may process the following categories of personal data, which are collectively referred to as Personal Data within this Policy.

For counterparties, their representatives, attorneys-in-fact, beneficiaries, donors, philanthropists, volunteers, authors of inquiries, visitors (purposes in Clauses 3.1.1.-3.1.5.):

  • Name, patronymic, surname (full name);

  • Contact phone number;

  • Email address;

  • Registration address, residential address;

  • Identification document details;

  • Banking details.

For users of the Foundation's website (automatically for the purpose in Clause 3.1.6.):

  • Electronic data (IP address, HTTP headers, browser type and operating system data, cookies, web beacons/pixel tags);

  • Date and time of access to the website and/or services;

Data collected using Yandex Metrica (More details: https://yandex.ru/legal/confidential/):

Name Type Validity period Description Domain to which it is installed
_ym_metrika_enabled Analytical 60 minutes Checks whether other Metrica cookies are installed correctly Domain where the counter is installed
_ym_isad Analytical 2 days Used to determine whether the visitor has ad blockers Domain where the counter is installed
_ym_uid Analytical 1 year Allows distinguishing visitors All Yandex Metrica domains
_ym_d Analytical 1 year Stores the date of the visitor's first visit to the site All Yandex Metrica domains
_ym_ucs Analytical 1 year Source for _ym_uid. Appears if server-side cookie re-issuance is configured All Yandex Metrica domains
gdpr Technical Up to 2 years Up to 2 years Allows distinguishing visitors from the area covered by the General Data Protection Regulation (GDPR) All Yandex Metrica domains
_ym_debug Technical During the visit Debug mode enabled indicator All Yandex Metrica domains
_ym_visorc_* Analytical 30 minutes Used for the correct operation of Webvisor All Yandex Metrica domains
_ym_hostIndex Analytical 1 day Allows limiting the number of requests All Yandex Metrica domains
_ym_sup_debug Technical 1 day Used for the operation of the debugger of the Metrica counter All Yandex Metrica domains
is_gdpr Technical Up to 2 years Allows distinguishing visitors from the area covered by the General Data Protection Regulation (GDPR) All Yandex Metrica domains
is_gdpr_b Technical Up to 2 years Allows distinguishing visitors from the area covered by the General Data Protection Regulation (GDPR) All Yandex Metrica domains
yabs-sid Technical During the browser session Visit identifier All Yandex Metrica domains
i Technical 1 year Allows distinguishing visitors All Yandex Metrica domains
yandexuid Technical 1 year (in some countries the period may be longer) Allows distinguishing visitors All Yandex Metrica domains
yuidss Technical 1 year (in some countries the period may be longer) Allows distinguishing visitors All Yandex Metrica domains
ymex Analytical 1 year Stores auxiliary information for Metrica operation: identifier creation time and their alternative values All Yandex Metrica domains
usst Analytical 1 year Stores auxiliary information for synchronizing visitor identifiers across different Yandex domains All Yandex Metrica domains

  • Observational cookies track user activity on the website;

  • Session cookies are stored only during the site visit and are deleted when the browser is closed;

  • Persistent cookies are stored for a longer period and allow recognizing repeat visits by the user;

  • Cookies associated with a user identifier (ClientID) are used to distinguish unique users.

For candidates for vacant positions, employees (for purposes in Clauses 3.1.7-3.1.9.):

  • Name, patronymic, surname;
  • Sex;
  • Date and place of birth;
  • Citizenship;
  • Residential address;
  • Contact phone numbers;
  • Contact email addresses;
  • Information on work experience;
  • Information on marital status;
  • Information on relatives;
  • Information on employment preferences;
  • Identification document details;
  • Information on tax registration;
  • Information on social insurance;
  • Information on education;
  • Information on work experience and employment history;
  • Information on the right to drive vehicles (if required by the vacant position);
  • Information on military duty and military registration;
  • Information on social benefits;
  • Information on employment history from previous places of work;
  • Information obtained using video surveillance and/or video recording equipment that is not biometric personal data.

4.2. The Operator does not process special, biometric, or personal data that is excessive in relation to the stated purposes.


5. Legal Grounds for Processing Personal Data

5.1. The Operator processes personal data on the following legal grounds:

5.1.1. with the consent of the personal data subject to the processing of their personal data, which the subject provides by an active action, including by marking a consent box in the data collection form and/or in the interface when obtaining such consent;

5.1.2. achieving the purposes provided for by an international treaty of the Russian Federation or law, for carrying out and performing the functions, powers, and obligations assigned to the operator by the legislation of the Russian Federation;

5.1.3. performance of an agreement to which the personal data subject is a party, beneficiary, or guarantor, as well as for concluding an agreement on the initiative of the personal data subject or an agreement under which the personal data subject will be a beneficiary or guarantor;

5.1.4. the exercise of the rights and legitimate interests of the operator or third parties, provided that the rights and freedoms of the personal data subject are not violated.


6. Periods of Processing and Storage of Personal Data

6.1. The periods of personal data processing may be as follows:

  • upon achieving the purposes of personal data processing or until the need to achieve the purposes of personal data processing ceases;

  • in the event that the personal data subject withdraws consent to the processing of their personal data (if personal data is processed by the Operator based on the consent of the personal data subject);

  • in accordance with the limitation periods;

  • in accordance with the periods established by the legislation of the Russian Federation and regulatory documents.


7. Procedure and Conditions for Processing Personal Data

7.1. The Operator processes personal data using:

  • automated processing of personal data with or without transmission via the Internet;

  • non-automated processing of personal data;

  • mixed processing methods.

7.2. The Operator ensures the security of personal data and takes all possible measures to prevent unauthorized persons from accessing personal data in the following ways:

7.2.1. by identifying threats to the security of personal data during their processing in personal data information systems;

7.2.2. by applying organizational and technical measures to ensure the security of personal data during their processing in personal data information systems, necessary to meet the requirements for personal data protection;

7.2.3. by assessing the effectiveness of the measures taken to ensure the security of personal data;

7.2.4. by appointing a person responsible for organizing the processing of personal data;

7.2.5. by issuing a policy regarding the processing of personal data and other local acts on personal data processing issues. Documents and local acts shall not contain provisions restricting the rights of personal data subjects;

7.2.6. by conducting internal control and/or audit of the compliance of personal data processing processes with legislation;

7.2.7. by familiarizing Foundation employees directly involved in the processing of personal data with the provisions of the legislation of the Russian Federation on personal data, including requirements for the protection of personal data;

7.2.8. by assessing harm to personal data subjects in the event of violation of rights and legislation and comparing the security measures taken with the necessary requirements of legislation;

7.2.9. in case of detection of facts of unauthorized access to personal data, by defining measures to detect, prevent, and eliminate the consequences of computer attacks on personal data information systems and to respond to computer incidents within them;

7.2.10. by monitoring the measures taken to ensure the security of personal data and the level of security of personal data information systems;

7.3. The Operator allows access to the processing of personal data and grants access to personal data only to the extent necessary for the performance of their official and other established duties;

7.4. The Operator does not control compliance with the confidentiality conditions and processing of personal data of personal data subjects by the owners or users of other websites that the personal data subject may visit via links available on the Website and/or Service, and is not responsible for the actions or inactions of the owners or users of such websites in the field of personal data processing and compliance with confidentiality;

7.5. The Operator is entitled to entrust the processing of personal data to another person and/or carry out the processing of personal data on behalf of another person in accordance with the procedure and conditions provided for by the requirements of Parts 3-6 of Article 6 of Federal Law No. 152-ФЗ dated July 27, 2006 On Personal Data.

7.6. The Operator is entitled to transfer personal data to third parties in cases provided for by this Policy or applicable law, and only to the extent necessary based on the purpose of disclosure. Information about Third Parties with whom the Operator enters into agreements, interacts to achieve goals, and may transfer personal data is contained in the list of third parties defined in Section 12 hereof. The list of third parties may be amended by the Operator.

7.7. The Operator ensures the recording, systematization, accumulation, storage, clarification (update, modification), and extraction of personal data of citizens of the Russian Federation using databases located on the territory of the Russian Federation, except in cases provided for by Law.

7.8. If the user does not want cookies to be stored, they can change their browser settings.


8. Cookies

8.1. The user may at any time independently restrict or completely disable the installation of cookies through their web browser settings. Information on how to do this can be found using the following links:

Please note that without the use of technical cookies, the website's Services may not function correctly, and some of its functionality, including basic functionality, may become unavailable.


9. Termination of Processing and Destruction of Personal Data

9. 1. The Operator shall terminate the processing of personal data and destroy it in the following cases:

9.1.1. liquidation of the Foundation;

9.1.2. reorganization of the Foundation resulting in the termination of its activities;

9.1.3. termination of the legal basis for processing personal data and/or achievement of the purposes of personal data processing;

9.1.4. receipt of a withdrawal of consent and other requests from the personal data subject leading to the termination of personal data processing.


10. Cross-Border Transfer of Personal Data

The cross-border transfer of personal data is not carried out.


11. Procedure for Handling Requests from Personal Data Subjects

11.1. Personal data subjects or their representatives may submit the following requests and inquiries to the Operator, including:

  • a request to receive information on the processing of personal data;

  • a request to clarify incomplete, inaccurate, or outdated personal data;

  • a request to terminate the processing of personal data;

  • a request to withdraw consent to the processing of personal data;

  • a claim in connection with illegally obtained or excessively processed personal data in relation to the stated purpose of processing, or unlawful processing of personal data.

11.2. Requests from personal data subjects may be received by the Operator:

  • during a personal visit to the Operator's office by the personal data subject or their legal representative;

  • by means of an appeal by the personal data subject (or their (legal) representative) to the Foundation via postal communication, electronic communication using an enhanced qualified electronic signature;

  • by sending scanned copies of applications/requests signed by the client via email without using an electronic signature, if consent to the processing of personal data is given on the Website;

  • in the event of receiving scanned copies of signed applications/requests via email without using an enhanced qualified electronic signature, the Operator has the right to demand that the personal data subject provide the original application/request or use an enhanced qualified electronic signature, and not to consider the application/request until it is received in the specified form.

An exception is a request to terminate the processing personal data for the purpose of promoting goods, works, and services, which may also be sent via email without using an enhanced qualified electronic signature and without providing a scanned copy of the signed request. For this, the personal data subject shall provide their name, patronymic, and surname and information confirming the personal data subject's participation in relations with the Operator for the purpose of promoting goods and services (mobile phone number, email address, and/or other information).

For any other request or inquiry, the personal data subject or their representative shall provide the following information:

  • name, patronymic, surname of the personal data subject or their representative;

  • a power of attorney or a duly certified copy thereof, or another document confirming the authority of the representative in accordance with legal requirements;

  • information confirming the participation of the personal data subject in relations with the Operator or otherwise confirming the fact of personal data processing;

  • details of the identification document of the personal data subject or their representative;

  • the essence of the request/inquiry.

If necessary, the person responsible for organizing the personal data processing may request additional information from the personal data subject (or their representative).

11.3. A response to the request or inquiry of the personal data subject shall be prepared and sent by the Operator within no more than ten (10) calendar days from the date the request or inquiry was received.

11.4. If the request of the personal data subject (or their representative) is repeated, and information regarding the processing of the personal data subject's personal data was provided to the personal data subject (or their representative) upon their request made no earlier than thirty (30) days prior to the repeated request, then the Operator shall provide a reasoned refusal to the personal data subject (or their representative). If a repeated request is made later than thirty (30) days after the provision of information regarding the processing of the personal data subject's personal data to the personal data subject (or their representative) upon a previous request, then the Operator shall provide the personal data subject (or their representative) with information regarding the processing of their personal data within no more than thirty (30) days.

11.5. In the event of withdrawal of a consent to the processing of personal data by the personal data subject, the Operator shall cease processing the personal data subject's personal data carried out solely on the basis of their consent, if the storage of the personal data subject's personal data is no longer required for the purposes of processing the personal data subject's personal data.

The Operator shall destroy the personal data subject's personal data processed only on the basis of their consent within no more than thirty (30) days, if the storage of the personal data subject's personal data is no longer required for the purposes of processing the personal data.

11.6. If the personal data processing for which a request or inquiry has been received is carried out by a counterparty on behalf of the Operator, the person responsible for organizing the processing of personal data shall ensure that such counterparty takes the necessary actions.


12. Final Provisions

12.1. The personal data subject can get any clarifications on questions of interest concerning the processing of their personal data by contacting the Operator via e-mail charity@cherkizovo.com.

12.2. The Policy is valid indefinitely until replaced by a new version. The Operator may update the Policy without special notice to personal data subjects.

12.3. The current version of the Policy is freely available on the Internet at https://cherkizovo-foundation.com/.

12.4. The list of third parties to whom the Operator may transfer, entrust the processing of personal data, or who may receive personal data:

  1. LLC "Uplab", PSRN 1092130009663, 428000, Cheboksary, 6 Nizhegorodskaya str., bld. 2, room 4.

  2. PJSC "Cherkizovo Group", PSRN 1057748318473, 142931, Moscow Region, Kashira Urban District, Topkanovo Village, Myasopererabotka Territory, 1 Cherkizovskaya Street, bld. 1, office 206.


We use cookies to improve the website's performance. By staying on the website, you agree to the terms of use of cookies. For more information, please refer to the Personal Data Processing Policy.