RU | EN
POLICY ON PERSONAL DATA PROCESSING

1. General Provisions
This personal data processing policy is drawn up in accordance with the requirements of Federal Law No. 152-FZ of July 27, 2006 “On Personal Data” (hereinafter referred to as the Personal Data Law) and defines the procedure for processing personal data and measures to ensure the security of personal data implemented by Sole Proprietor Brodach Arseniy Alexandrovich (hereinafter referred to as the Operator).
1.1. The Operator considers the observance of human and civil rights and freedoms in the processing of their personal data, including the protection of the right to privacy, personal and family secrets, to be the most important goal and condition for carrying out its activities.
1.2. This Operator’s policy on personal data processing (hereinafter referred to as the Policy) applies to all information that the Operator may obtain about visitors to the website https://delo-design.com.

2. Key Terms Used in the Policy
2.1. Automated processing of personal data – processing using computer equipment.
2.2. Blocking of personal data – temporary suspension of processing (except when processing is necessary to clarify the data).
2.3. Website – a set of graphical and informational materials, software and databases made available on the Internet at https://delo-design.com.
2.4. Personal data information system – a collection of personal data stored in databases and processed using IT and technical tools.
2.5. Depersonalization of personal data – actions after which it is impossible to identify the data subject without additional information.
2.6. Processing of personal data – any action or set of actions with or without automation, including collection, recording, systematization, accumulation, storage, updating, retrieval, use, transfer (dissemination, provision, access), depersonalization, blocking, deletion, and destruction.
2.7. Operator – a state or municipal authority, legal or natural person that independently or jointly organizes and/or performs the processing of personal data and defines the purposes, scope, and actions performed on the data.
2.8. Personal data – any information relating directly or indirectly to an identified or identifiable user of the website https://delo-design.com.
2.9. Personal data permitted by the subject for distribution – data made available to an unlimited number of persons by the data subject by giving consent as prescribed by law.
2.10. User – any visitor of the website https://delo-design.com.
2.11. Provision of personal data – actions aimed at disclosing personal data to a specific person or a group of persons.
2.12. Dissemination of personal data – any actions aimed at disclosure to an indefinite group of persons (transfer) or familiarization by an unlimited number of persons, including publication in mass media, online or other means.
2.13. Cross-border transfer – transfer of personal data to a foreign state, foreign individual, or legal entity.
2.14. Destruction of personal data – irreversible actions that make the data unrecoverable and/or destroy physical media containing personal data.

3. Operator’s Key Rights and Duties
3.1. The Operator has the right to:
– receive accurate personal data from the subject;
– continue processing personal data without consent when allowed by the Personal Data Law;
– independently determine the list of necessary and sufficient measures for compliance, unless otherwise stipulated by law.
3.2. The Operator must:
– provide information on personal data processing to the subject upon request;
– process data in accordance with current Russian legislation;
– respond to inquiries and requests from subjects and their legal representatives;
– provide necessary information to the authorized data protection authority within 10 days of request;
– publish or otherwise ensure unrestricted access to this Policy;
– take legal, organizational, and technical measures to protect personal data;
– cease transfer and processing, and destroy personal data when required;
– fulfill other obligations under the Personal Data Law.

4. Data Subjects’ Rights and Obligations
4.1. Subjects have the right to:
– receive information on data processing, except where federal law restricts access;
– request correction, blocking, or destruction of data if it is incomplete, outdated, inaccurate, or unnecessary;
– request prior consent for marketing;
– withdraw consent and demand termination of processing;
– appeal to authorities or courts against unlawful processing;
– exercise other legal rights.
4.2. Subjects must:
– provide accurate data;
– notify the Operator of updates or changes.
4.3. Persons who submit false data or data of third parties without consent are liable under Russian law.

5. Principles of Personal Data Processing
5.1. Data is processed lawfully and fairly.
5.2. Processing is limited to specific, legitimate purposes.
5.3. Databases for incompatible purposes must not be merged.
5.4. Only relevant data is processed.
5.5. Data processed must be adequate and not excessive.
5.6. Accuracy and relevance of data must be ensured.
5.7. Data must not be stored longer than necessary, unless otherwise required by law or contract.

6. Purposes of Data Processing
  • Informing the User via email;
  • Execution and termination of civil-law contracts.
  • Personal Data: full name, email address, phone numbers.
  • Legal Basis: Operator’s founding documents; contracts with the data subject.
  • Processing Actions: collection, recording, systematization, accumulation, storage, destruction, depersonalization, and sending informational emails.
7. Conditions for Data Processing
7.1. Processing is based on consent.
7.2. Processing is necessary to fulfill international or legal obligations.
7.3. Processing is required for judicial functions or enforcement of legal decisions.
7.4. Processing is needed for contract performance or conclusion.
7.5. Processing serves legitimate interests or public benefit without violating rights.
7.6. Processing is done for publicly available data.
7.7. Processing is done for legally required disclosure.

8. Procedure for Collection, Storage, Transfer, and Other Processing
The Operator ensures security through legal, organizational, and technical measures as required by law.
8.1. The Operator keeps data secure and protects against unauthorized access.
8.2. Data is never transferred to third parties unless required by law or with subject’s consent.
8.3. Users may update their data by emailing hello@delo-design.com with the subject “Update of personal data.”
8.4. Data is processed until the purpose is achieved unless otherwise stated. Consent may be revoked at any time by emailing hello@delo-design.com with the subject “Withdrawal of consent.”
8.5. Third-party services (e.g. payment systems) process data in accordance with their own policies. The Operator is not responsible for third parties.
8.6. Restrictions on data distribution do not apply if processing is carried out in the public interest as defined by law.
8.7. The Operator ensures data confidentiality.
8.8. Data is stored no longer than necessary, unless otherwise required by law or contract.
8.9. Processing ends upon achievement of the purpose, expiration of consent, withdrawal of consent, or identification of unlawful processing.

9. Actions Carried Out by the Operator with Personal Data
9.1. The Operator performs the following actions with personal data: collection, recording, systematization, accumulation, storage, updating (modification, correction), retrieval, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, and destruction of personal data.
9.2. The Operator performs automated processing of personal data with or without receiving and/or transmitting the obtained information via information and telecommunication networks.

10. Cross-Border Transfer of Personal Data
10.1. Before starting the cross-border transfer of personal data, the Operator must ensure that the foreign state to which the transfer is planned provides adequate protection of the rights of personal data subjects.
10.2. Cross-border transfer of personal data to foreign states that do not meet the above requirements may be carried out only with the written consent of the personal data subject to such transfer and/or in cases provided for by the Personal Data Law.
11. Confidentiality of Personal Data
The Operator and other persons who have gained access to personal data are obligated not to disclose or disseminate personal data to third parties without the consent of the data subject, unless otherwise provided by federal law.

12. Final Provisions
12.1. The User may receive any clarifications on questions of interest regarding the processing of their personal data by contacting the Operator via email at hello@delo-design.com.
12.2. This document will reflect any changes in the Operator’s personal data processing policy. The Policy is valid indefinitely until replaced by a new version.
12.3. The current version of the Policy is freely available on the Internet at: https://delo-design.com/privacy-policy.