company group
Forest energy
Lumber and coal production
on our own raw material base
Privacy policy
1. General provisions
1.1. This regulation establishes the procedure for processing personal data of users of the website owned by LLC Energia Lesa (hereinafter referred to as the operator), and ensures compliance with the requirements of protecting the rights of citizens when processing personal data.
1.2. The Policy has been developed in accordance with Federal Law 152-FZ "On Personal Data" dated 27.07.2006 (hereinafter — the Federal Law "On Personal Data").
2. The basic concepts used in this regulation
2.1. For the purposes of this regulation, the following basic concepts are used:
a website is a set of software and hardware tools that ensure the publication of data on the Internet for public viewing. The site is accessible by a unique email address or its letter designation. It may contain graphic, text, audio, video, as well as other information reproduced using a computer; operator - a legal or natural person organizing and (or) processing personal data, as well as determining the purposes and content of personal data processing;
any information relating directly or indirectly to a specific or identifiable individual (subject of personal data);
the subject of personal data is an individual who is directly or indirectly identified or determined using personal data. Within the framework of this provision, an individual who is a client - user of the site is considered a subject;
personal data processing - actions (operations) with personal data, including collection, systematization, accumulation, storage, clarification (updating, modification), use, distribution (including transfer), depersonalization, blocking, destruction of personal data;
publicly available personal data - personal data to which an unlimited number of persons have access with the consent of the subject of personal data or to which, in accordance with federal laws, the requirement of confidentiality does not apply.
3. Composition of the user's personal data
3.1. Composition of personal data:
The data provided by the user independently when filling out the feedback form:
Name;
Phone number;
E-mail;
The text of the user's message and other information provided by the user.
Automatically collected data:
IP address, Cookie data;
information about the user's browser, technical characteristics of the hardware and software used by the user;
the date and time of access to the site, the addresses of the requested pages and other similar information.
3.2. The personal data specified in clause 3.1 of the regulations are processed for the purpose of identifying users, ensuring the execution of the user agreement, providing personalized services and content to the user, improving the quality of the site and providing services, targeting advertising materials, conducting statistical and other research based on depersonalized personal data.
3.3. The processing of users' personal data is carried out with their consent. The user filling out the feedback form on the website in order to obtain the necessary information thereby expresses his full consent in accordance with Article 9 of the Federal Law of July 27, 2006 152-FZ "On Personal Data" to the automated, as well as without the use of automation tools, processing and use of his personal data.
4. Confidentiality of personal data
4.1. The information listed in Article 3 of this regulation is confidential. The operator ensures the confidentiality of personal data and is obliged to prevent their dissemination without the consent of customers, or the presence of other legal grounds.
4.2. All confidentiality measures in the collection, processing and storage of personal data of clients apply to both paper and electronic (automated) media.
4.3. The confidentiality regime of personal data is removed in cases of depersonalization or publication in publicly available sources (mass media, Internet, Unified State Register of Legal Entities and other public state registers).
5. Rights and obligations of the personal data operator
5.1. The processing of users' personal data is carried out by the operator with the consent of the subjects of personal data, except for the cases provided for in paragraph 5.2 of this Article.
5.2. The Company has the right, without the consent of the personal data subject, to process his personal data in the following cases:the processing of personal data is carried out on the basis of a federal law that establishes its purpose, the conditions for obtaining personal data and the range of subjects whose personal data are subject to processing, as well as defining the powers of the operator; personal data processing is carried out for the purpose of fulfilling the contract, one of the parties to which is the subject of personal data; personal data processing is carried out, subject to publication in accordance with federal laws, including personal data of persons holding public positions, positions of the state civil service, personal data of candidates for elected state or municipal positions.
5.3. When determining the scope and content of the user's personal data to be processed, the operator is guided by the Federal Law "On Personal Data", the user agreement. The Operator receives the user's personal data only to the extent necessary to achieve the legitimate purposes of collecting and processing personal data.
5.4. The Operator ensures the protection of the user's personal data from their misuse or loss at its own expense in accordance with the procedure established by federal law.
6. Rights of the personal data subject
6.1. The subject of personal data has the right to receive information about the operator, about his location, about the availability of personal data related to the relevant subject of personal data, as well as to get acquainted with such personal data. The subject of personal data has the right to require the operator to clarify his personal data, block or destroy them if the personal data is incomplete, outdated, unreliable, illegally obtained or are not necessary for the stated purpose of processing, as well as to take measures provided by law to protect his rights.
6.2. Information about the availability of personal data must be provided to the personal data subject by the operator in an accessible form, and they must not contain personal data related to other personal data subjects.
6.3. Access to your personal data is provided to the personal data subject or his legal representative when contacting or receiving a request from the personal data subject or his legal representative.
6.4. The subject of personal data has the right to withdraw consent to the processing of personal data, restrict the methods and forms of processing of personal data, prohibit the dissemination of personal data without his consent.
6.5. The subject of personal data has the right to appeal the actions or inaction of the operator to the authorized body for the protection of the rights of personal data subjects or in court.
6.6. The subject of personal data has the right to protect his rights and legitimate interests, including compensation for damages and compensation for moral damage in court.
7. Processing of personal data
7.1. The processing of personal data is carried out by the operator solely to achieve the goals defined by this regulation and the user agreement.
7.2. The processing of personal data by the operator consists in obtaining, systematization, accumulation, storage, clarification (updating, modification), use, distribution, depersonalization, blocking, destruction and protection from unauthorized access.
7.3. The site may also collect, record, systematize, accumulate, store, clarify (update and change), extract, use, depersonalize, block, delete, transfer (grant access) data about site visitors (including cookies) using Internet statistics services (Yandex.Metrica, Google Analytics).
7.4. The processing of personal data is carried out by the method of mixed (including automated) processing.
7.5. Only employees of the operator whose job responsibilities are directly related to access and work with the user's personal data may have access to the processing of the user's personal data.
7.6. In the case of a corresponding request from a personal data subject, the operator is obliged to make the necessary changes, destroy or block the relevant personal data upon the provision by the personal data subject or his legal representative of information confirming that the personal data that relate to the relevant subject and the processing of which is carried out by the operator are incomplete, outdated, unreliable, illegally obtained or are not necessary for the stated purpose of processing. The operator is obliged to notify the personal data subject or his legal representative and third parties to whom the personal data of this subject has been transferred about the changes made and the measures taken.
8. Transfer of personal data
8.1. The transfer of personal data is carried out by the operator only if it is necessary to fulfill the user agreement or provide certain services to the user with the user's consent.
8.2. The transfer of personal data to third parties is carried out by the operator only on the basis of the relevant agreement, the essential condition of which is the obligation of the third party to ensure the confidentiality of personal data and the security of personal data during their processing. This provision does not apply in the case of depersonalization of personal data and in relation to publicly available personal data.
8.3. The transfer of personal data to public authorities is carried out within their powers in accordance with applicable law.
9. Storage of personal data
9.1. Personal data may be stored electronically on the territory of Russia.
10. Protection of users' personal data
10.1. Information containing the user's personal data posted on electronic media is subject to protection.
10.2. When processing users' personal data, the Operator is obliged to take the necessary organizational and technical measures to protect personal data from unauthorized or accidental access to them, destruction, modification, blocking, copying, dissemination of personal data, as well as from other illegal actions.
10.3. Protection of users' personal data stored in the operator's electronic databases from unauthorized access, distortion and destruction of information, as well as from other illegal actions, is provided by the operator's employees.
10.4. Protection of access to electronic databases containing personal data of users is provided by:
using antivirus and other software and hardware protection of the perimeter of the internal network, preventing unauthorized entry into the operator's local network;
differentiation of access rights using an account.
11. Responsibility for the disclosure of information containing the user's personal data
11.1. The operator's employees who are guilty of violating the rules governing the receipt, processing and protection of personal data are subject to disciplinary, administrative, civil or criminal liability in accordance with federal laws.
1. General provisions
1.1. This regulation establishes the procedure for processing personal data of users of the website owned by LLC Energia Lesa (hereinafter referred to as the operator), and ensures compliance with the requirements of protecting the rights of citizens when processing personal data.
1.2. The Policy has been developed in accordance with Federal Law 152-FZ "On Personal Data" dated 27.07.2006 (hereinafter — the Federal Law "On Personal Data").
2. The basic concepts used in this regulation
2.1. For the purposes of this regulation, the following basic concepts are used:
a website is a set of software and hardware tools that ensure the publication of data on the Internet for public viewing. The site is accessible by a unique email address or its letter designation. It may contain graphic, text, audio, video, as well as other information reproduced using a computer; operator - a legal or natural person organizing and (or) processing personal data, as well as determining the purposes and content of personal data processing;
any information relating directly or indirectly to a specific or identifiable individual (subject of personal data);
the subject of personal data is an individual who is directly or indirectly identified or determined using personal data. Within the framework of this provision, an individual who is a client - user of the site is considered a subject;
personal data processing - actions (operations) with personal data, including collection, systematization, accumulation, storage, clarification (updating, modification), use, distribution (including transfer), depersonalization, blocking, destruction of personal data;
publicly available personal data - personal data to which an unlimited number of persons have access with the consent of the subject of personal data or to which, in accordance with federal laws, the requirement of confidentiality does not apply.
3. Composition of the user's personal data
3.1. Composition of personal data:
The data provided by the user independently when filling out the feedback form:
Name;
Phone number;
E-mail;
The text of the user's message and other information provided by the user.
Automatically collected data:
IP address, Cookie data;
information about the user's browser, technical characteristics of the hardware and software used by the user;
the date and time of access to the site, the addresses of the requested pages and other similar information.
3.2. The personal data specified in clause 3.1 of the regulations are processed for the purpose of identifying users, ensuring the execution of the user agreement, providing personalized services and content to the user, improving the quality of the site and providing services, targeting advertising materials, conducting statistical and other research based on depersonalized personal data.
3.3. The processing of users' personal data is carried out with their consent. The user filling out the feedback form on the website in order to obtain the necessary information thereby expresses his full consent in accordance with Article 9 of the Federal Law of July 27, 2006 152-FZ "On Personal Data" to the automated, as well as without the use of automation tools, processing and use of his personal data.
4. Confidentiality of personal data
4.1. The information listed in Article 3 of this regulation is confidential. The operator ensures the confidentiality of personal data and is obliged to prevent their dissemination without the consent of customers, or the presence of other legal grounds.
4.2. All confidentiality measures in the collection, processing and storage of personal data of clients apply to both paper and electronic (automated) media.
4.3. The confidentiality regime of personal data is removed in cases of depersonalization or publication in publicly available sources (mass media, Internet, Unified State Register of Legal Entities and other public state registers).
5. Rights and obligations of the personal data operator
5.1. The processing of users' personal data is carried out by the operator with the consent of the subjects of personal data, except for the cases provided for in paragraph 5.2 of this Article.
5.2. The Company has the right, without the consent of the personal data subject, to process his personal data in the following cases:the processing of personal data is carried out on the basis of a federal law that establishes its purpose, the conditions for obtaining personal data and the range of subjects whose personal data are subject to processing, as well as defining the powers of the operator; personal data processing is carried out for the purpose of fulfilling the contract, one of the parties to which is the subject of personal data; personal data processing is carried out, subject to publication in accordance with federal laws, including personal data of persons holding public positions, positions of the state civil service, personal data of candidates for elected state or municipal positions.
5.3. When determining the scope and content of the user's personal data to be processed, the operator is guided by the Federal Law "On Personal Data", the user agreement. The Operator receives the user's personal data only to the extent necessary to achieve the legitimate purposes of collecting and processing personal data.
5.4. The Operator ensures the protection of the user's personal data from their misuse or loss at its own expense in accordance with the procedure established by federal law.
6. Rights of the personal data subject
6.1. The subject of personal data has the right to receive information about the operator, about his location, about the availability of personal data related to the relevant subject of personal data, as well as to get acquainted with such personal data. The subject of personal data has the right to require the operator to clarify his personal data, block or destroy them if the personal data is incomplete, outdated, unreliable, illegally obtained or are not necessary for the stated purpose of processing, as well as to take measures provided by law to protect his rights.
6.2. Information about the availability of personal data must be provided to the personal data subject by the operator in an accessible form, and they must not contain personal data related to other personal data subjects.
6.3. Access to your personal data is provided to the personal data subject or his legal representative when contacting or receiving a request from the personal data subject or his legal representative.
6.4. The subject of personal data has the right to withdraw consent to the processing of personal data, restrict the methods and forms of processing of personal data, prohibit the dissemination of personal data without his consent.
6.5. The subject of personal data has the right to appeal the actions or inaction of the operator to the authorized body for the protection of the rights of personal data subjects or in court.
6.6. The subject of personal data has the right to protect his rights and legitimate interests, including compensation for damages and compensation for moral damage in court.
7. Processing of personal data
7.1. The processing of personal data is carried out by the operator solely to achieve the goals defined by this regulation and the user agreement.
7.2. The processing of personal data by the operator consists in obtaining, systematization, accumulation, storage, clarification (updating, modification), use, distribution, depersonalization, blocking, destruction and protection from unauthorized access.
7.3. The site may also collect, record, systematize, accumulate, store, clarify (update and change), extract, use, depersonalize, block, delete, transfer (grant access) data about site visitors (including cookies) using Internet statistics services (Yandex.Metrica, Google Analytics).
7.4. The processing of personal data is carried out by the method of mixed (including automated) processing.
7.5. Only employees of the operator whose job responsibilities are directly related to access and work with the user's personal data may have access to the processing of the user's personal data.
7.6. In the case of a corresponding request from a personal data subject, the operator is obliged to make the necessary changes, destroy or block the relevant personal data upon the provision by the personal data subject or his legal representative of information confirming that the personal data that relate to the relevant subject and the processing of which is carried out by the operator are incomplete, outdated, unreliable, illegally obtained or are not necessary for the stated purpose of processing. The operator is obliged to notify the personal data subject or his legal representative and third parties to whom the personal data of this subject has been transferred about the changes made and the measures taken.
8. Transfer of personal data
8.1. The transfer of personal data is carried out by the operator only if it is necessary to fulfill the user agreement or provide certain services to the user with the user's consent.
8.2. The transfer of personal data to third parties is carried out by the operator only on the basis of the relevant agreement, the essential condition of which is the obligation of the third party to ensure the confidentiality of personal data and the security of personal data during their processing. This provision does not apply in the case of depersonalization of personal data and in relation to publicly available personal data.
8.3. The transfer of personal data to public authorities is carried out within their powers in accordance with applicable law.
9. Storage of personal data
9.1. Personal data may be stored electronically on the territory of Russia.
10. Protection of users' personal data
10.1. Information containing the user's personal data posted on electronic media is subject to protection.
10.2. When processing users' personal data, the Operator is obliged to take the necessary organizational and technical measures to protect personal data from unauthorized or accidental access to them, destruction, modification, blocking, copying, dissemination of personal data, as well as from other illegal actions.
10.3. Protection of users' personal data stored in the operator's electronic databases from unauthorized access, distortion and destruction of information, as well as from other illegal actions, is provided by the operator's employees.
10.4. Protection of access to electronic databases containing personal data of users is provided by:
using antivirus and other software and hardware protection of the perimeter of the internal network, preventing unauthorized entry into the operator's local network;
differentiation of access rights using an account.
11. Responsibility for the disclosure of information containing the user's personal data
11.1. The operator's employees who are guilty of violating the rules governing the receipt, processing and protection of personal data are subject to disciplinary, administrative, civil or criminal liability in accordance with federal laws.
LLC "Forest Energy"
2023
