top of page

POLITICS REGARDING THE PROCESSING OF PERSONAL DATA IN LTD "EMPIRE"

1. General Provisions


1.1. The policy regarding the processing of personal data (hereinafter referred to as the Policy) is aimed at protecting the rights and freedoms of individuals whose personal data are processed by EMPIRE LTD (the "Operator").

1.2. The policy was developed in accordance with clause 2 of Part 1 of Art. 18.1 of the Federal Law of July 27, 2006 No. 152-FZ "On Personal Data" (hereinafter - the Federal Law "On Personal Data").

1.3. The policy contains information to be disclosed in accordance with Part 1 of Art. 14 of the Federal Law "On Personal Data", and is a public document.

2. Information about the operator


2.1. The operator operates at the following address: Moscow, Presnenskaya Embankment, 12 (Moscow-City MIBC, Federation-West Tower).

2.2. General Director Pavlov Alexander Alexandrovich (phone +7 (994) 777-7007) was appointed responsible for organizing the processing of personal data.

2.3. The database of information containing personal data of citizens of the Russian Federation is located at: server139.hosting.reg.ru.

3. Information on the processing of personal data


3.1. The operator processes personal data on a legal and fair basis for the performance of the functions, powers and duties entrusted to him by law, the implementation of the rights and legal interests of the Operator, employees of the Operator and third parties.

3.2. The operator receives personal data directly from the subjects of personal data.

3.3. The operator processes personal data in automated and non-automated ways, using computer facilities and without using such means.

3.4. Personal data processing activities include collection, recording, systematization, accumulation, storage, updating (updating, modification), extraction, use, transmission (distribution, provision, access), depersonalization, blocking, deletion and destruction.

3.5. Databases of information containing personal data of citizens of the Russian Federation are located on the territory of the Russian Federation.

4. Processing of personal data of employees


4.1. The operator processes the personal data of the Operator's employees within the framework of legal relations regulated by the Labor Code of the Russian Federation of December 30, 2001 No. 197-FZ (hereinafter referred to as the RF LC), including Chapter 14 of the Labor Code relating to the protection of personal data of employees.

4.2. The operator processes personal data of employees for the purpose of executing labor contracts, compliance with the legislation of the Russian Federation, as well as with the aim:

- keep personnel records;

- To keep accounting;

- to exercise the functions, powers and duties imposed by the legislation of the Russian Federation on the Operator, including the provision of personal data to the state authorities, the Pension Fund of the Russian Federation, the Social Security Fund of the Russian Federation, the Federal Mandatory Medical Insurance Fund, and other state bodies ;

- comply with the standards and requirements for labor protection and personal safety of the employees of  "EMPIRE" LTD, the safety of property;

- control the quantity and quality of the work performed;

- to provide privileges and compensations provided for by the legislation of the Russian Federation;

- open personal bank accounts of "EMPIRE" LTD employees for the transfer of wages;

- to insure under programs of voluntary medical insurance;

- transfer insurance contributions to non-state pension funds;

- provide access to the territory of the Operator;

- organize training for employees of "EMPIRE" LTD;

- publish on the website, in internal directories, address books of the organization.

4.3. The operator does not take decisions affecting the interests of employees based on their personal data received electronically or exclusively as a result of automated processing.

4.4. The operator protects the personal data of employees at their own expense in the manner established by the Labor Code of the Russian Federation, the Federal Law "On Personal Data" and other federal laws.

4.5. The operator introduces workers and their representatives to the list with documents that establish the procedure for processing personal data of employees, as well as their rights and responsibilities in this area.

4.6. The operator allows access to personal data of employees only to those who are authorized to receive only those data that are necessary for the performance of their functions.

4.7. The operator receives all the personal data of employees from them. If the employee's data can only be obtained from a third party, the Operator shall notify the employee in advance and receive his written consent. The operator informs the employee about the objectives, sources, methods of obtaining, as well as the nature of the data to be received and the consequences of the worker's refusal to give written consent to receive them.

4.8. The operator processes personal data of employees with their written consent provided for the term of the employment contract.

4.9. The operator processes personal data of employees during the term of the employment contract. The operator processes the personal data of the laid-off workers within the period established by clause 5, part 3 of Art. 24 parts of the first Tax Code of the Russian Federation of July 31, 1998 No. 146-FZ, part 1 of Art. 29 of the Federal Law "On Accounting" dated December 6, 2011 No. 402-FZ and other normative legal acts.

4.10. The operator can handle special categories of personal data of employees (information on the state of health relating to the issue of the possibility of performing their labor functions) on the basis of clause 2.3 of part 2 of Art. 10 of the Federal Law "On Personal Data".

4.11. The operator does not process biometric personal data of employees.

4.12. The operator does not receive data on the membership of employees in public associations or their trade union activities, except as provided for by the LC RF or other federal laws.

4.13. The operator processes the following personal data of employees:

- Full Name;

- Type, series and number of the document proving the identity;

- Date of issue of the identity document and information about the issuing authority;

- Year of birth;

- Month of birth;

- Date of Birth;

- Place of Birth;

- Address;

- Contact phone number;

- E-mail address;

- Taxpayer Identification Number;

- Number of insurance certificate of state pension insurance;

- National affiliation;

- Profession;

- Income;

- Insurance premiums to the OPS;

- Insurance premiums for compulsory medical insurance;

- Tax deductions;

- Position;

- Personnel Number;

- Information on services rendered;

- The photo;

- Family status;

- Additional insurance contributions to the funded part of the pension;

- Seniority;

- Information on military registration;

- Data of the MHI policy.

4.14. The operator does not disclose the employee's personal data to the third party without his written consent, except when necessary to prevent a threat to the life and health of the employee, as well as in other cases provided for by the LC RF, the Federal Law "On Personal Data" or other federal laws.

4.15. The operator does not disclose the employee's personal data for commercial purposes without his written consent.

4.16. The operator transmits the personal data of employees to their representatives in the manner established by the RF LC, the Federal Law "On Personal Data" and other federal laws, and restricts this information to only those data that are necessary for the representatives to perform their functions.

4.17. The operator warns persons who receive personal data of the employee that these data can only be used for the purposes for which they are communicated, requires these persons to confirm that this rule is observed.

4.18. In accordance with the procedure established by law, and in accordance with Art. 7 of the Federal Law "On Personal Data" to achieve the purposes of processing personal data and with the consent of employees. The operator provides personal data of employees or instructs them to process the following:

- State bodies (FIU, FTS, FSS, etc.);

- Bank (within the salary project);

- Insurance company (as part of the VHI program);

- Passenger transportation companies and hotels (within the organization of business trips);

- booking system rentcarpms.com;

- The dispatching service of HIVETAXI (call center Interlink);

- Law enforcement agencies (FSB, FSO, MIA);

- SMS center (smsc.ru).

4.19. The employee can obtain free, free access to information about his personal data and about the processing of this data. An employee may receive a copy of any record containing his personal data, except as provided for by federal law.

4.20. An employee can access medical records reflecting his state of health with the help of a medical worker of his choice.

4.21. An employee can identify a representative to protect his personal data.

4.22. An employee may request the exclusion or correction of his incorrect or incomplete personal data, as well as data processed in violation of the requirements of the Labor Code of the Russian Federation, the Federal Law "On Personal Data" or other federal law. If the Operator refuses to exclude or correct the personal data of the employee, he can declare in writing his disagreement and justify such disagreement. The employee can supplement the personal data of the evaluation character with a statement expressing his own point of view.

4.23. The employee may request to notify all persons who had previously been informed of his incorrect or incomplete personal data about all exceptions, corrections or additions made in them.

4.24. An employee may appeal to the court any wrongful acts or omissions by the Operator when processing and protecting his personal data.

5. Processing of personal data of employees under contracts of a civil-law nature


5.1. The operator processes the personal data of employees under civil law contracts within the framework of legal relationships with the Operator, regulated by Part II of the Civil Code of the Russian Federation of January 26, 1996, No. 14-FZ.

5.2. The operator processes personal data of employees under civil law contracts in order to comply with the legislation of the Russian Federation, as well as:

- conclude and implement civil law contracts.

5.3. The operator processes the personal data of employees under contracts of a civil-law nature with their consent, granted for the duration of the contracts concluded with them. In cases stipulated by the Federal Law "On Personal Data", consent is granted in writing. In other cases, consent is deemed to be received at the conclusion of the contract or in the performance of conclusive acts.

5.4. The operator processes personal data of employees under contracts of a civil-law nature during the term of validity of contracts concluded with them. The operator can process personal data of employees under contracts of a civil-law nature after the expiry of the term of validity of contracts concluded with them within the period established by clause 5, part 3 of Art. 24 parts of the first Tax Code, Part 1 of Art. 29 FZ "On Accounting" and other regulatory legal acts.

5.5. The operator processes special categories of personal data of under-age employees under contracts of a civil-law nature with the written consent of their legal representatives on the basis of Part 1 of Art. 9, item 1 of part 2 of Art. 10 of the Federal Law "On Personal Data".

5.6. The operator processes the following personal data of employees under civil law contracts:

- Full Name;

- Type, series and number of the document proving the identity;

- Date of issue of the identity document and information about the issuing authority;

- Year of birth;

- Month of birth;

- Date of Birth;

- Place of Birth;

- Address;

- Contact phone number;

- E-mail address;

- Taxpayer Identification Number;

- Number of insurance certificate of state pension insurance;

6. Processing of personal data of applicants


6.1. The operator processes the personal data of job applicants for vacant posts (hereinafter referred to as job seekers).

6.2. The operator processes the personal data of applicants in order to:

- make decisions about admission or refusal to apply for work;

- maintain a staff reserve.

6.3. The operator processes the personal data of the applicants with their written consent, provided for the period necessary to make a decision on admission or denial of employment. The exception is cases where on behalf of the applicant there is a recruitment agency with which he has entered into the relevant agreement, as well as when the competitor independently places his resume accessible to an unlimited number of persons on the Internet.

6.4. The operator processes the personal data of the applicants for the period necessary to make a decision on admission or refusal to apply for a job. In case of refusal in hiring, the Operator stops processing the personal data of the applicant within 30 days in accordance with Part 4 of Art. 21 of the Federal Law "On Personal Data". If the applicant has consented to be included in the personnel reserve, the Operator can continue processing personal data within the period specified in the agreement.

6.5. The operator does not process special categories of personal data of applicants and biometric personal data of applicants.

6.6. The operator processes the following personal data of applicants:

- Full Name;

- Type, series and number of the document proving the identity;

- Date of issue of the identity document and information about the issuing authority;

- Year of birth;

- Month of birth;

- Date of Birth;

- Place of Birth;

- Address;

- Contact phone number;

- E-mail address;

- Taxpayer Identification Number;

- Number of insurance certificate of state pension insurance;

- The photo;

- Personnel Number;

- Property status;

- Information on services rendered;

- Vehicle data (brand, model, state number, year of issue, etc.);

- Photo documents of the vehicle (STS, TO, OSAGO);

- Photo of documents of the owner and driver of the vehicle (passport, VU, TIN, SNILS).

7. Processing of customer's personal data


7.1. The operator processes personal data of clients within the framework of legal relationships with the Operator, regulated by Part 2 of the Civil Code of the Russian Federation of January 26, 1996 No. 14-FZ, (hereinafter referred to as "customers").

7.2. The operator processes personal data of clients in order to comply with the norms of the legislation of the Russian Federation, as well as with the aim:

- conclude and fulfill obligations under contracts with customers;

- to carry out the types of activities stipulated by the constituent documents of LLC

"EMPIRE";

- inform about new products, special promotions and offers;

- draw up discount cards.

7.3. The operator processes the personal data of the customers with their consent, provided for the duration of the contracts concluded with them. In cases stipulated by the Federal Law "On Personal Data", consent is granted in writing. In other cases, consent is deemed to be received at the conclusion of the contract or in the performance of conclusive acts.

7.4. The operator processes the personal data of the clients during the validity periods of the contracts concluded with them. The operator can process the personal data of the clients after the expiration of the validity of the contracts concluded with them within the period established by clause 5, part 3 of Art. 24 parts of the first Tax Code, Part 1 of Art. 29 FZ "On Accounting" and other regulatory legal acts.

7.5. The operator processes special categories of personal data of minor clients with the written consent of their legal representatives on the basis of Part 1 of Art. 9, item 1 of part 2 of Art. 10 of the Federal Law "On Personal Data".

7.6. The operator processes the following personal customer data:

- Full Name;

- Type, series and number of the document proving the identity;

- Date of issue of the identity document and information about the issuing authority;

- Year of birth;

- Month of birth;

- Date of Birth;

- Place of Birth;

- Address;

- Contact phone number;

- E-mail address;

- Taxpayer Identification Number;

- Number of insurance certificate of state pension insurance;

- National affiliation;

- Profession;

- Income;

- Insurance premiums to the OPS;

- Insurance premiums for compulsory medical insurance;

- Tax deductions;

- Position;

- Personnel Number;

- Information on services rendered;

- Make, model, state number plate;

- The photo;

- Property status;

- Vehicle data (brand, model, state number, year of issue, etc.);

- Photo documents of the vehicle (STS, TO, OSAGO);

- Photo of documents of the owner and driver of the vehicle (passport, VU, TIN, SNILS).

7.7. In order to achieve the goals of processing personal data and with the consent of the customers, the Operator provides personal data or instructs them to process the following data:

- booking system rentcarpms.com;

- The dispatching service of HIVETAXI (call center Interlink);

- SMS center (smsc.ru).

7.8. In order to fulfill contractual obligations or requirements of federal legislation, the Operator receives personal data from the following third parties:

- rentcarpms.com.

8. Information about the security of personal data


8.1. The operator appoints the person responsible for organizing the processing of personal data for the performance of duties stipulated by the Federal Law "On Personal Data" and the normative legal acts adopted in accordance with it.

8.2. The operator applies a set of legal, organizational and technical measures to ensure the security of personal data to ensure the confidentiality of personal data and protect them from illegal actions:

- provides unlimited access to the Policy, a copy of which is posted at the address of the Operator, and can also be posted on the Operator's website (if available);

- in compliance with the Policy, approves and enforces the document "Regulation on the processing of personal data" (hereinafter - the Regulations) and other local acts;

- acquaints employees with the provisions of legislation on personal data, as well as with the Policy and Regulations;

- allows employees to access personal data processed in the information system of the Operator, as well as to their material carriers only for the performance of their duties;

- establishes rules for access to personal data processed in the information system of the Operator, and also ensures registration and accounting of all actions with them;

- assesses the harm that may be caused to the subjects of personal data in the event of violation of the Federal Law "On Personal Data";

- makes a definition of threats to the security of personal data when processing them in the information system of the Operator;

- applies organizational and technical measures and uses the information protection tools necessary to achieve the established level of protection of personal data;

- Detects the facts of unauthorized access to personal data and takes response measures, including the restoration of personal data modified or destroyed due to unauthorized access to them;

- assesses the effectiveness of measures taken to ensure the security of personal data prior to putting into operation the information system of the Operator;

- carries out internal control over the compliance of the processing of personal data of the Federal Law "On Personal Data", the regulatory legal acts adopted in accordance with it, the requirements for the protection of personal data, the Policy, the Regulations and other local acts, including control over the measures taken to ensure the security of personal data and their The level of security in processing in the information system of the Operator.

9. Rights of subjects of personal data


9.1. The subject of personal data has the right:

- to receive personal data relating to this subject and information regarding their processing;

- to clarify, block or destroy his personal data if they are incomplete, obsolete, inaccurate, illegally obtained or are not necessary for the stated purpose of the processing;

- to revoke his consent to the processing of personal data;

- to protect their rights and legitimate interests, including compensation for damages and compensation for non-pecuniary damage in court;

- to appeal against actions or omissions of the Operator to the authorized body for protection of the rights of subjects of personal data or in court.

9.2. To realize their rights and legitimate interests, personal data subjects have the right to apply to the Operator or send a request personally or with the help of a representative. The request must contain the information specified in Part 3 of Art. 14 of the Federal Law "On Personal Data".

bottom of page