Privacy Policy of Personal Data (hereinafter referred to as the “Policy”) applies to all information that the Administration may receive about the User during the use of the Website, provided by the Administration, as well as during the fulfillment of any agreements and contracts by the Administration with the User.
1. General Provisions
1.1 This Policy defines the procedure for processing personal data and the measures to ensure the security of personal data at VecomLab (hereinafter referred to as the “Company”) in order to protect the rights and freedoms of individuals when processing their personal data.
1.2 The Policy is mandatory for all employees of the Company who have access to information containing personal data, as well as for individuals working with information owned by the Company under concluded agreements and contracts.
1.3 The Policy applies to all personal data of subjects processed in the Company’s information system using automated tools.
1.4 The Company and other individuals who have gained access to personal data are required to maintain the confidentiality of such data, specifically — not to disclose (share) it with third parties or disseminate personal data without the consent of the data subject, unless otherwise stipulated by law.
2. Principles and Conditions for Processing Personal Data
2.1 The processing of personal data in the Company is carried out based on the following principles:
- legality and fairness of the basis for processing;
- limitation of personal data processing to achieving specific, predefined, and legitimate purposes;
- prohibition of processing personal data incompatible with the purposes for which the data was collected;
- prohibition of merging databases containing personal data if the processing purposes are incompatible;
- processing only those personal data that are necessary for the purposes of processing;
- compliance of the content and volume of processed personal data with the stated processing purposes;
- prohibition of processing excessive personal data in relation to the stated processing purposes;
- ensuring the accuracy, sufficiency, and relevance of personal data concerning the purposes of processing;
- destruction or anonymization of personal data upon achieving the processing purposes or when there is no longer a need to achieve these purposes, if it is not possible for the Company to rectify any violations of personal data, unless otherwise provided by law.
2.2 The Company processes personal data only with the consent of the data subject for the processing of their personal data.
2.3 The Company does not process special categories of personal data related to racial or ethnic origin, political opinions, religious or philosophical beliefs, health status, or intimate life.
2.4 The Company has the right to delegate the processing of personal data to another party with the consent of the data subject, unless otherwise provided by law, based on a contract concluded with that party. The entity processing personal data on behalf of the Company must comply with the principles and rules of personal data processing.
3. Rights of the Data Subject
3.1 The data subject decides to provide their personal data and gives consent for its processing freely, voluntarily, and in their own interest. Consent for processing personal data can be given by the data subject or their representative in any form that allows for confirming its receipt, unless otherwise stipulated by law.
3.2 The data subject has the right to obtain information regarding the processing of their personal data, unless such a right is restricted by law. The data subject has the right to request the Company to clarify their personal data, block, or destroy it if the personal data is incomplete, outdated, inaccurate, unlawfully obtained, or unnecessary for the stated purpose of processing, as well as to take legal measures to protect their rights.
3.3 The processing of personal data for the purpose of promoting goods, works, or services on the market through direct contact with potential consumers via communication means, as well as for political campaigning, is allowed only with the prior consent of the data subject. Such processing of personal data is considered to be conducted without prior consent if the Company cannot prove that such consent was obtained.
3.4 The Company is obligated to immediately cease the processing of the data subject’s personal data for the above-mentioned purposes upon the request of the data subject.
4. Ensuring the Security of Personal Data
4.1 The objectives of ensuring information security are to minimize the damage from threats to information security and to enhance the Company’s business reputation and corporate culture.
4.2 Information is a vital asset of the Company, and its protection is the responsibility of every employee granted access to it.
4.3 Ensuring the protection of information containing personal data means maintaining its confidentiality, integrity, and availability.
4.4 The security of personal data processed by the Company is ensured through the implementation of legal, organizational, technical, and software measures that are necessary and sufficient to meet the requirements of legislation on the protection of personal data.
4.5 Access to information containing personal data is granted only to individuals who need it to fulfill their official or contractual obligations, and only to the minimum extent necessary.
4.6 A responsible person is designated for each information resource, accountable for granting access to it and ensuring the effective functioning of information protection measures.
4.7 The Company has developed and approved a package of documents for the protection of personal data.
4.8 The Company conducts an annual analysis of the measures taken to protect personal data.
5. Final Provisions
5.1 Other rights and obligations of the Company as the operator of personal data are determined by the legislation in the field of personal data.
5.2 Company officials who are guilty of violating the rules governing the processing and protection of personal data bear personal responsibility in accordance with the laws.