Personal Data Confidentiality Policy
This Personal Data Confidentiality Policy (hereinafter - the Confidentiality Policy) is developed in accordance with the requirements of the RF Federal Law No.152-FZ dated 27 July 2006 “On Personal Data”, and subject to the requirements of the European Parliament and European Council Regulation No.2016/679 dated 27 April 2016 “On the Protection of Individuals with Regard to Processing of Personal Data and Free Circulation of Such Data, as well as Cancelling of 95/46/EC Regulation” (General Data Protection Regulation, hereinafter - GDPR), and applies to all the information relating to the User, which can be attained by the website www.bankofpartners.com (hereinafter - the Website) in the course of using the Website (and its subdomains) by the User.
1. Terms and Definitions
1.1. This Confidentiality policy uses the following terms:
1.1.1. Website administration (hereinafter, the Administration) "Operator" means Sberbank, which is authorized to administer the Website and which organizes and / or performs processing of personal data, as well as determines the purposes of personal data processing, the composition of personal data subject to processing, actions (operations) performed with personal data. E-mail address to contact the Administration: email@example.com.
1.1.2. Personal data shall mean any information that refers—directly or indirectly—to an identified or identifiable individual (personal data subject).
1.1.3. Processing of personal data means any action (transaction) or a number of actions (transactions) performed with or without automated technologies in regards to such personal data, including collection, recording, systematization, accumulation, storage, rectification (updating, changes), retrieval, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, and destruction of personal data.
1.1.4. Confidentiality of personal data shall mean obligatory compliance of the Operator, User or another entity granted with access to personal data with the requirement of preventing its dissemination without the consent of the personal data subject, or any legal ground thereto.
1.1.5. The website www.bestofpartners.com (the Website) shall mean a number of interrelated webpages posted on the Internet at the unique URL bestofpartners.com and its subdomains.
1.1.6. Subdomains shall mean webpages or a number of webpages published on third-level domains belonging to the website www.bestofpartners.com, and other temporary webpages with the Administration’s contact details at the foot thereof.
1.1.7. "User of the website www.bestofpartners.com" (the User) - shall mean a person who registered on the Website and has access to the Website (login and password) that has concluded an Agreement for Usage of Materials and Content of the Website www.bestofpartners.com.
1.1.8. A cookie is a small fragment of data which a website requests from the browser used on your PC or mobile device. Cookies allow the website to “remember” your actions or preferences. Cookies are stored locally on your PC or on a mobile device. The users can delete saved cookie files at their own wish.
1.1.9. IP-address shall mean a unique site-local address in the computer network via which the User accesses the website www.bankofpartners.com.
2. General Provisions
2.1. The User’s usage of the Website www.bestofpartners.com shall mean the User’s consent to this Confidentiality policy, and the conditions of processing the User’s personal data.
2.2. Should they disagree with this Confidentiality Policy, the User shall stop using the Website www.bestofpartners.com.
2.3. This Confidentiality Policy shall be applicable to the Website www.bestofpartners.com. The Administration of the Website does not control and is not responsible for the sites (and their content) of third parties to which the User can click on the links available on the site www.bestofpartners.com.
2.4. Administration does not check and does not guarantee the authenticity of personal data provided by Users.
3. Subject of the Confidentiality policy
3.1. This Confidentiality Policy establishes the obligations of the Administration not to disclose and provide a regime for protecting the confidentiality of personal data that the User provides upon the request of the Administration on registration at www.bestofpartners.com or when subscribing to an e-mail newsletter.
3.2. The Administration may process various categories of personal data, provided such processing is in compliance with the requirements set by law. Categories of personal data to be processed may include the following:
3.2.1. Basic data about the User (family name, name, contact phone, e-mail address, place of residense);
3.2.2. Information gathered and accumulated by the Administration in the process of servicing the User;
3.2.3. Information on the actions effected on the Website, and data on the devices used (geolocation, IP-addresses, cookies).
3.3.1 Cookies, information about actions of users on the website, information about the user’s equipment, the date and time of the session are processed by the Administration (including by using Yandex.Metrika, Google Analytics, Firebas Google, Tune, Amplitude, Segmento) in order to improve the functioning of the website, the data on users’ actions is processed to improve the functioning of the Website, determine a user’s preferences, providing target information on the products and services of Sberbank of Russia.
3.3.2 The User may switch off cookies, after doing so the User may find out that some sections of the Website do not function properly. The instructions on managing cookies can usually be found in the query service of the browser (Help option).
4. Objectives and Methods of Personal Data Processing
4.1. Processing of the User’s personal data shall be performed for the following purposes:
4.1.1. Creation of the user account, identification, allowing the User’s access to the content of www.bankofpartners.com, arranging feedback from the User (including sending of notifications and inquiries relating to the usage of www.bankofpartners.com, processing of inquiries and applications from the User), providing technical support for the website, development and enhancement of its functionality.
4.1.2. Notifications of the User by e-mail, sending of special offers, newsletters and other information on behalf of the website www.bestofpartners.com.
4.2. The Bank processes the User’s personal data only if one of the following conditions is met:
4.2.1.The User has given consent to the processing of his or her personal data for one or more specific purposes;
4.2.2.The processing is required to comply with legal requirement, with Bank being the object of such requirement.
4.2.3.The processing is necessary for carrying out a contract to which the User is a party or in order to take steps at the request of the User prior to entering into a contract.
4.3. Personal data processing shall be carried out automatically, and include the following actions: collection, recording, arrangement, accumulation, storage, specification (updating, amending), retrieval, use, transfer (provision, access), depersonalization, blocking, removal, and destruction of personal data.
5. Period of Collecting of Personal Data
5.1. The processing of the User's personal data is carried out during the entire period of use by the User of the Site.
5.2. The processing of the User's personal data may be carried out after the deletion of the User Account in cases provided for by the legislation of the Russian Federation and GDPR.
6. Rights and obligations of the Parties
6.1. The User may:
6.1.1. By registration on the Website Website, the User grants consent to the processing of his or her personal data, by free will and for his or her benefit.
6.1.2. The User has a right to request the confirmation of his or her personal data processing. In case of such processing the User has a right to familiarize himself or herself with the personal data being processed, as well as with information about the purposes of processing, the categories of data being processed, the actions with the data, the receivers of the data and the guarantees when the data is transferred to third parties, the period of processing, the sources of the data, and whether decision-making is fully automated, inclusion of the User in the marketing mailouts by the Administration. The User also may obtain the list of the personal data being processed.
The User may demand changes in his or her personal data if there are inaccuracies in personal data processed by the Administration. Taking into account the purposes of data processing, the User may supplement the personal data, including by submitting an additional application.
6.1.4. The User may initiate limitations on processing of all or a part of his or her personal data if one of the following conditions is met:
• the accuracy of personal data is being contested by the User (limitation for the period necessary for the Administration to confirm the accuracy of the personal data);
• unlawful personal data processing has been revealed, the User opposes deleting the personal data and demand limiting the use thereof instead;
• the Administration does not need the personal data for the purposes of processing any more, but the User needs the personal data for the purpose of substantiation, performance or as part of legal proceedings;
• the User opposes his or her personal data processing (limitation for a period necessary for the Administration to confirm whether the Administration’s legal grounds for personal data processing prevail over the lawful claims of the User).
6.1.5. The User may initiate limitations on processing of all or a part of his or her personal data if one of the following conditions is met:
• the personal data is no longer required for the purposes for which they have been obtained;
• the User withholds the consent on the basis of which the processing has been carried out, if there are no other legal grounds for processing;
• the User opposes his or her personal data processing (if there are no prevailing legal grounds for the personal data processing);
• the personal data is being processed unlawfully;
• the personal data must be deleted to ensure compliance with a legal obligation in accordance with legislative requirements;
• the personal data was obtained while delivering information society services.
6.1.6. The User has a right to demand the list of his or her personal data provided to the Administration for the processing thereof in a structured, uniform and machine-readable format, and to instruct the Administration to transfer his or her personal data to a third party if the Administration has the technical possibility to do so. In this case the Administration shall not be responsible for further actions of a third party related to the personal data. 6.1.7.The User has a right to oppose processing of all or a part of the list of his or her personal data for the purposes indicated when the personal data was provided for the Administration, except for the cases where the legal grounds for personal data processing prevail over the interests, rights and freedoms of the User or where the processing of the personal data is necessary for substantiation, execution or defense in legal proceedings. 6.1.8.The User has a right to demand to limit his or her personal data processing for the purpose of marketing activities carried out by the Administration. 6.1.9.The User has a right to bring a complaint to the supervisory authority if the Administration in any way violates his or her rights . 6.1.10.To facilitate communication on legal matters between the Administration and the User, the e-mail address firstname.lastname@example.org was created.
6.2. The User shall:
6.2.1. Take any necessary measures to ensure confidentiality of the account details (login and password) for accessing the User Profile, make sure that the password is not saved in the browser (including when using cookies technologies) in case the computer is shared with other users;
6.2.2. Abstain from uploading any materials with the photos of other people without their preliminary consent thereto except for when the consent is not required according to Article 152.1 of the Civil Code of the Russian Federation.
6.3. The Administration shall:
6.3.1. Use the received Personal Data of Users only for the purposes specified in cl. 4 of this Confidentiality Policy.
6.3.2. Ensure the storage of Personal Data of Users in secret, not disclose it without the consent of the User, and also not sell, exchange, publish or disclose in other possible ways the personal data of the User transferred, except for the transfer to authorized state authorities of the Russian Federation only for reasons and in order, established by the legislation of the Russian Federation.
6.3.3. Process the personal data of the User, and ensure the confidentiality and protection of the processed personal data in accordance with the requirements of the Federal Law No.152-FZ "On Personal Data" of July 27, 2006, as well as GDPR. When processing personal data, take required legal, organizational and technical measures to protect personal data received from the User from unauthorized or accidental access to them, destruction, modification, blocking, copying, provision, distribution of personal data, as well as from other illegal actions in relation to personal data received from the User.
7.1. Administration and Users who violate their obligations to protect Personal Data are liable for damage caused by the misuse of personal data in accordance with the legislation of the Russian Federation.
8.1. The Administration may introduce amendments to this Confidentiality Policy without the User’s consent.
8.2. This new Confidentiality Policy shall come into effect upon its publication on the Website, unless otherwise is stipulated by a revised version of the Confidentiality Policy.
8.3. Please send your suggestions or inquiries regarding this Confidentiality Policy to email@example.com.
8.4. This Confidentiality Policy shall be published on the Website www.bestofpartners.com.
The Website Administration
Address: Russia, Moscow, 117997, 19 Vavilova Street
Tel.: +7 (495) 665-56-00 ext. 64969
The Website Administration representative in the European Union
Address: Vienna, Austria, 1010, 3 Schwarzenbergplatz
Phone number: +43 (0)1 22732-0
The contact responsible for managing of processing and protection of personal data
Tel.: +7 (495) 665-56-00 ext. 64969