This personal data processing policy has been drawn up in accordance with the requirements of Federal Law No. 152-FZ of 27.07.2006 «On Personal Data» (hereinafter — the Personal Data Law) and defines the procedure for processing personal data and the measures for ensuring the security of personal data taken by LLC «AP Trade» (hereinafter — the Operator).
The Operator considers its most important goal and condition for carrying out its activities to be the observance of human and civil rights and freedoms in the processing of personal data, including the protection of the right to privacy, personal and family secrets.
This personal data processing Policy (hereinafter — the Policy) applies to all information that the Operator may obtain about visitors to the website https://ap-logistics.ru (hereinafter — the Site).
This Personal Data Processing Policy applies only to the Site https://ap-logistics.ru. The Site does not control and is not responsible for third-party websites that the User may access via links available on the Site.
The Operator processes the User's personal data only if it is filled in and/or submitted independently by the User through special forms located on the Site. By filling in the relevant forms and/or submitting their personal data to the Operator, the User expresses their agreement with this Policy.
The Operator processes anonymized data about the User if this is permitted in the User's browser settings (saving of «cookie» files and use of JavaScript technology is enabled).
The Policy applies to all personal data processed by Limited Liability Company «AP Trade» (hereinafter — the Operator).
The Policy covers relations in the area of personal data processing that arose for the Operator both before and after the approval of this Policy.
In fulfillment of the requirements of Part 2 of Art. 18.1 of the Personal Data Law, this Policy is published in open access on the Internet on the Operator's website.
2.1. Automated processing of personal data — processing of personal data using computing technology.
2.2. Blocking of personal data — temporary suspension of the processing of personal data (except in cases where processing is necessary for the clarification of personal data).
2.3. Website — a set of graphic and informational materials, as well as software and databases, ensuring their availability on the Internet at https://ap-logistics.ru.
2.4. Personal data information system — a set of personal data contained in databases and the information technologies and technical means ensuring their processing.
2.5. Depersonalization (anonymization) of personal data — actions that make it impossible to determine, without the use of additional information, whether personal data belongs to a specific User or other personal data subject.
2.6. Processing of personal data — any action (operation) or set of actions (operations) performed using automation tools or without using such tools on personal data, including collection; recording; systematization; accumulation; storage; updating (modification); extraction; use; transfer (dissemination, provision, access); depersonalization; blocking; deletion; destruction.
2.7. Operator — a state authority, municipal authority, legal entity or individual that independently or jointly with other persons organizes and/or carries out the processing of personal data, and also determines the purposes of personal data processing, the composition of personal data to be processed, the actions (operations) performed on personal data.
2.8. Personal data — any information relating directly or indirectly to a specific or identifiable User of this Site.
2.9. Personal data permitted by the subject for dissemination — personal data to which an unlimited number of persons has been granted access by the personal data subject by giving consent to the processing of personal data permitted for dissemination in the manner prescribed by the Personal Data Law.
2.10. User — any visitor to the Site https://ap-logistics.ru.
2.11. Provision of personal data — actions aimed at disclosing personal data to a specific person or a specific group of persons.
2.12. Dissemination of personal data — any actions aimed at disclosing personal data to an indefinite number of persons (transfer of personal data) or at familiarizing an unlimited number of persons with personal data, including publication of personal data in mass media, placement in information and telecommunication networks, or provision of access to personal data by any other means.
2.13. Cross-border transfer of personal data — transfer of personal data to the territory of a foreign state to a foreign state authority, or to a foreign individual or foreign legal entity.
2.14. Destruction of personal data — any actions as a result of which personal data is destroyed irreversibly with no possibility of further restoration of the content of personal data in the personal data information system and/or as a result of which physical media of personal data is destroyed.
3.1. The Operator has the right to:
3.1.1. Receive from the personal data subject accurate information and/or documents containing personal data.
3.1.2. In the event that the personal data subject withdraws consent to the processing of personal data, the Operator has the right to continue processing personal data without the consent of the personal data subject if there are grounds specified in the Personal Data Law.
3.1.3. Independently determine the composition and list of measures necessary and sufficient to fulfill the obligations provided by the Personal Data Law and regulatory legal acts adopted in accordance with it, unless otherwise provided by the Personal Data Law or other federal laws.
3.1.4. Entrust the processing of personal data to another person on the basis of an agreement concluded with that person. The person processing personal data on behalf of the Operator is obliged to comply with the principles and rules for processing personal data provided by the Personal Data Law, maintain the confidentiality of personal data, and take the necessary measures to ensure compliance with the obligations provided by the Personal Data Law.
3.2. The Operator is obliged to:
3.2.1. Provide the personal data subject, upon request, with information relating to the processing of his/her personal data.
3.2.2. Organize the processing of personal data in the manner established by the current legislation of the Russian Federation.
3.2.3. Respond to appeals and requests from personal data subjects and their legal representatives in accordance with the requirements of the Personal Data Law.
3.2.4. Report to the authorized body for the protection of the rights of personal data subjects, upon request from that body, the necessary information within 30 days of the date of receipt of such request.
3.2.5. Publish or otherwise ensure unrestricted access to this Policy on the processing of personal data.
3.2.6. Take legal, organizational and technical measures to protect personal data from unlawful or accidental access, destruction, modification, blocking, copying, provision, dissemination of personal data, as well as from other unlawful actions with respect to personal data.
3.2.7. Cease the transfer (dissemination, provision, access) of personal data, cease processing and destroy personal data in the manner and cases provided by the Personal Data Law.
3.2.8. Fulfill other obligations provided by the Personal Data Law.
4.1. Personal data subjects have the right to:
4.1.1. Receive information relating to the processing of his/her personal data, except in cases provided by federal laws. Information is provided to the personal data subject by the Operator in an accessible form, and must not contain personal data relating to other personal data subjects, except in cases where there are legal grounds for disclosing such personal data.
4.1.2. Demand from the Operator the clarification of his/her personal data, their blocking or destruction if the personal data is incomplete, outdated, inaccurate, unlawfully obtained or is not necessary for the stated purpose of processing, as well as take measures provided by law to protect their rights.
4.1.3. Set the condition of prior consent when processing personal data for the purpose of market promotion of goods, works and services.
4.1.4. Withdraw consent to the processing of personal data.
4.1.5. Appeal to the authorized body for the protection of the rights of personal data subjects or to a court of law against unlawful actions or inaction of the Operator in the processing of his/her personal data.
4.1.6. Exercise other rights provided by the legislation of the Russian Federation.
4.2. Personal data subjects are obliged to:
4.2.1. Provide the Operator with accurate data about themselves.
4.2.2. Notify the Operator of the clarification (update, modification) of their personal data.
4.3. Persons who have provided the Operator with inaccurate information about themselves, or information about another personal data subject without the consent of the latter, shall be liable in accordance with the legislation of the Russian Federation.
5.1. The Operator processes the following personal data: last name, first name, patronymic; year of birth; month of birth; date of birth; place of birth; marital status; social status; property status; income; gender; email address; residential address; registration address; phone number; SNILS (individual insurance account number); TIN (taxpayer identification number); citizenship; identity document details; driver's license details; identity document details for travel outside the Russian Federation; birth certificate details; bank card details; current account number; personal account number; profession; position; employment information (including length of service, current employment data including organization name and bank account); military service status and military registration information; data collected through metric programs; education information; photo-video image of the person; voice data.
5.2. The Site also collects and processes anonymized visitor data using internet statistics services permitted under Russian Federation legislation.
5.3. The data listed above are hereinafter referred to collectively as Personal Data.
5.4. The Operator does not process special categories of personal data relating to racial or ethnic origin, political views, religious or philosophical beliefs, or intimate life.
5.5. Processing of personal data permitted for dissemination from among the special categories of personal data specified in Part 1 of Art. 10 of the Personal Data Law is allowed if the prohibitions and conditions provided by Art. 10.1 of the Personal Data Law are observed.
5.6. The User's consent to the processing of personal data permitted for dissemination is executed separately from other consents to the processing of their personal data, in accordance with the conditions provided, in particular, by Art. 10.1 of the Personal Data Law.
5.6.1. The User provides the Operator directly with consent to the processing of personal data permitted for dissemination.
5.6.2. The Operator is obliged, no later than three working days from the date of receipt of the User's consent, to publish information on the conditions of processing, the existence of prohibitions and conditions on processing by an unlimited number of persons of personal data permitted for dissemination.
5.6.3. The transfer (dissemination, provision, access) of personal data permitted by the personal data subject for dissemination must be stopped at any time at the request of the personal data subject. Such a request must include the last name, first name, patronymic (if any), contact information (phone number, email address or postal address) of the personal data subject, and a list of personal data whose processing is to be ceased.
5.6.4. Consent to the processing of personal data permitted for dissemination ceases to be valid from the moment the Operator receives the request specified in clause 5.6.3 of this Policy.
6.1. Processing of personal data is carried out on a lawful and fair basis.
6.2. Processing of personal data is limited to achieving specific, pre-defined and lawful purposes. Processing of personal data incompatible with the purposes of personal data collection is not permitted.
6.3. Merging of databases containing personal data whose processing is carried out for purposes incompatible with each other is not permitted.
6.4. Only those personal data that meet the purposes of their processing are subject to processing.
6.5. The content and scope of the personal data processed correspond to the stated purposes of processing. Excessive personal data processing in relation to the stated purposes of processing is not permitted.
6.6. When processing personal data, the accuracy, sufficiency and, where necessary, relevance of personal data in relation to the purposes of processing must be ensured. The Operator takes the necessary measures and/or ensures their implementation to delete or clarify incomplete or inaccurate data.
6.7. Storage of personal data is carried out in a form that allows identification of the personal data subject, for no longer than required by the purposes of personal data processing, unless the storage period is established by federal law or a contract in which the personal data subject is a party, beneficiary or guarantor. Processed personal data is destroyed or depersonalized upon achievement of the processing purposes or upon loss of the need to achieve those purposes, unless otherwise provided by federal law.
7.1. Processing of personal data is limited to achieving specific, pre-defined and lawful purposes. Processing of personal data incompatible with the purposes of personal data collection is not permitted.
7.2. Only those personal data that meet the purposes of their processing are subject to processing.
7.3. The Operator processes personal data for the following purposes:
7.3.1. Informing the User by sending emails.
7.3.2. Conclusion, execution and termination of civil law contracts.
7.3.3. Providing the User with access to services, information and/or materials contained on the website.
7.4. The Operator also has the right to send the User notifications about new products and services, special offers and various events. The User can always opt out of receiving informational messages by sending the Operator a letter to the email address 3pl@aptrade.ru.
7.5. Anonymized User data collected using internet statistics services is used to gather information about User actions on the Site and to improve the quality of the Site and its content.
7.6. Carrying out its activities in accordance with the charter of LLC «AP Trade», including concluding and executing contracts with counterparties.
7.7. Compliance with labor legislation within labor relations and other relations directly related thereto, including: assisting employees with employment, attracting and selecting candidates for positions at the Operator, ensuring the personal safety of employees, monitoring the quantity and quality of work performed, ensuring the safety of property, maintaining personnel and accounting records, completing and submitting required reporting forms to authorized bodies, and organizing the registration of employees in the compulsory pension and social insurance systems.
7.8. Processing of employees' personal data may only be carried out for the purposes of ensuring compliance with laws and other regulatory legal acts.
8.1. The legal grounds for the Operator's processing of personal data are:
8.1.1. Federal Law No. 152-FZ of 27.07.2006 «On Personal Data»; Federal Law No. 402-FZ of 06.12.2011 «On Accounting»; the Constitution of the Russian Federation; the Civil Code of the Russian Federation; the Labor Code of the Russian Federation; the Tax Code of the Russian Federation; Federal Law No. 14-FZ of 08.02.1998 «On Limited Liability Companies»; Federal Law No. 167-FZ of 15.12.2001 «On Compulsory Pension Insurance in the Russian Federation»; other regulatory legal acts governing relations associated with the Operator's activities.
8.1.2. Charter documents of the Operator.
8.1.3. Contracts concluded between the Operator and the personal data subject.
8.1.4. Federal laws and other regulatory legal acts in the field of personal data protection.
8.1.5. Consents of Users to the processing of their personal data, to the processing of personal data permitted for dissemination.
8.2. The Operator processes the User's personal data only if it is filled in and/or submitted independently by the User through special forms located on the Site or sent to the Operator by email. By filling in the relevant forms and/or submitting their personal data to the Operator, the User expresses their agreement with this Policy.
8.3. The Operator processes anonymized data about the User if this is permitted in the User's browser settings (saving of files and use of JavaScript technology is enabled).
8.4. The personal data subject independently decides to provide their personal data and gives consent freely, of their own will and in their own interest.
9.1. Processing of personal data is carried out with the consent of the personal data subject. Processing of personal data is carried out by the Operator in accordance with the requirements of the legislation of the Russian Federation.
9.2. Processing of personal data is necessary to achieve the purposes provided by an international treaty of the Russian Federation or law, and to exercise the functions, powers and obligations assigned to the Operator by Russian Federation legislation.
9.3. Processing of personal data is necessary for the administration of justice, execution of a judicial act, act of another body or official, subject to enforcement in accordance with Russian Federation legislation on enforcement proceedings.
9.4. Processing of personal data is necessary to perform a contract to which the personal data subject is a party, beneficiary or guarantor, as well as to conclude a contract at the initiative of the personal data subject or a contract under which the personal data subject will be a beneficiary or guarantor.
9.5. Processing of personal data is necessary to exercise the rights and legitimate interests of the Operator or third parties, or to achieve socially significant purposes, provided that the rights and freedoms of the personal data subject are not violated.
9.6. Processing of personal data to which access has been granted to an unlimited number of persons by the personal data subject or at their request (hereinafter — publicly available personal data) is carried out.
9.7. Processing of personal data subject to publication or mandatory disclosure in accordance with federal law is carried out.
9.8. Processing of personal data for each purpose specified in clause 7 of the Policy is carried out by means of:
9.9. Disclosure to third parties and dissemination of personal data without the consent of the personal data subject is not permitted, unless otherwise provided by federal law. Consent to the processing of personal data permitted by the personal data subject for dissemination is executed separately from other consents of the personal data subject to the processing of their personal data. Requirements for the content of such consent are established by the authorized body for the protection of the rights of personal data subjects (Order of Roskomnadzor No. 18 of 24.02.2021).
9.10. Transfer of personal data to investigative bodies, the Federal Tax Service, the Social Fund of Russia and other authorized executive authorities and organizations is carried out in accordance with the requirements of Russian Federation legislation.
9.11. The Operator takes necessary legal, organizational and technical measures to protect personal data from unlawful or accidental access, destruction, modification, blocking, dissemination and other unauthorized actions, including:
9.12. The Operator stores personal data in a form that allows identification of the personal data subject for no longer than required by each purpose of personal data processing, unless the storage period is established by federal law or a contract.
9.13. Personal data on paper media is stored at LLC «AP Trade» for the document retention periods established by the legislation on archiving in the Russian Federation (Federal Law No. 125-FZ of 22.10.2004 «On Archiving in the Russian Federation»).
9.14. The storage period for personal data processed in personal data information systems corresponds to the storage period for personal data on paper media.
9.15. The Operator ceases processing of personal data in the following cases:
9.16. Upon achievement of the purposes of personal data processing, and in the event that the personal data subject withdraws consent to their processing, the Operator ceases processing of such data, unless otherwise provided by a contract, applicable law, or another agreement between the Operator and the personal data subject.
9.17. Upon a personal data subject's request to the Operator to cease processing of personal data, processing shall be ceased within 10 working days of the date of the Operator's receipt of the request, except in cases provided by the Personal Data Law. The specified period may be extended by no more than five working days.
9.18. When collecting personal data, including via the Internet, the recording, systematization, accumulation, storage, updating (modification) and extraction of personal data of Russian Federation citizens using databases located outside the Russian Federation is not permitted, except in cases specified in the Personal Data Law.
10.1. The Operator ensures the safety of personal data and takes all possible measures to exclude access to personal data by unauthorized persons.
10.2. The User's personal data will never, under any circumstances, be transferred to third parties, except in cases related to the execution of applicable legislation or when the personal data subject has given consent to the Operator to transfer data to a third party to fulfill obligations under a civil law contract.
10.3. If inaccuracies are identified in personal data, the User may update them independently by sending the Operator a notification to the Operator's email address marked «Update of Personal Data».
10.4. The period for processing personal data is determined by the achievement of the purposes for which the personal data was collected, unless a different period is provided by a contract or applicable law. The User may at any time withdraw their consent to the processing of personal data by sending the Operator a notification via email to 3pl@aptrade.ru marked «Withdrawal of Consent to Personal Data Processing».
10.5. All information collected by third-party services, including payment systems, communication services and other service providers, is stored and processed by those persons in accordance with their User Agreement and Personal Data Processing Policy. The Operator is not responsible for the actions of third parties.
10.6. Prohibitions established by the personal data subject on the transfer (other than granting access), as well as on the processing or conditions of processing (other than gaining access) of personal data permitted for dissemination, do not apply in cases of personal data processing in state, public and other public interests determined by Russian Federation legislation.
10.7. The Operator ensures the confidentiality of personal data during processing.
10.8. The Operator stores personal data in a form that allows identification of the personal data subject for no longer than required by the purposes of personal data processing, unless the storage period is established by federal law or a contract.
10.9. The condition for ceasing personal data processing may be the achievement of the processing purposes, the expiry or withdrawal of the personal data subject's consent, or the detection of unlawful personal data processing.
10.10. Conditions and timelines for the destruction of personal data by the Operator:
10.11. Upon achievement of the purpose of personal data processing, and in the event of withdrawal by the personal data subject of consent to their processing, personal data is subject to destruction, unless otherwise provided by a contract, applicable law, or another agreement between the Operator and the personal data subject.
11.1. The Operator carries out the collection, recording, systematization, accumulation, storage, updating (modification), extraction, use, transfer (dissemination, provision, access), depersonalization, blocking, deletion and destruction of personal data.
11.2. The Operator carries out automated processing of personal data with or without the receipt and/or transfer of the information obtained via information and telecommunication networks.
12.1. Before carrying out cross-border transfer of personal data, the Operator is obliged to ensure that the foreign state to whose territory it is planned to transfer personal data provides reliable protection of the rights of personal data subjects.
12.2. Cross-border transfer of personal data to territories of foreign states that do not meet the above requirements may only be carried out with the written consent of the personal data subject to the cross-border transfer of their personal data and/or for the performance of a contract to which the personal data subject is a party.
13.1. The Operator and other persons who have gained access to personal data are obliged not to disclose to third parties and not to disseminate personal data without the consent of the personal data subject, unless otherwise provided by federal law.
14.1. The User may obtain any clarifications on matters of interest concerning the processing of their personal data by contacting the Operator via email at 3pl@aptrade.ru.
14.2. The current version of the Policy is freely available on the Internet at https://ap-logistics.ru.
14.3. Any changes to the Operator's personal data processing policy will be reflected in this document. The Policy is valid indefinitely until replaced by a new version.