This Policy regarding the processing of personal data (hereinafter - the “Policy”) is prepared in accordance with paragraph 2, part 1, article 18.1 of the Federal Law of the Russian Federation “On Personal Data” № 152-FZ of July 27, 2006 (hereinafter - the “Law”) and defines the position of Smart Unit LLC in the field of processing and protection of personal data (hereinafter - the “Data”), respect for the rights and freedoms of each person and, in particular, the right to privacy, personal and family secrecy.

This Policy applies to Data collected both before and after this Policy is put into effect.

Realizing the importance and value of Data, as well as taking care to respect the constitutional rights of citizens of the Russian Federation and citizens of other states, the Company ensures reliable protection of Data.

Data means any information related to a directly or indirectly identified or defined individual (citizen), i.e. such information, in particular, includes: surname, first name, patronymic, e-mail, phone number, ip address, Country, Region, City, City District, Index, Address, Company, Email, Comment.

Data processing means any action (operation) or set of actions (operations) with Data performed with the use of automation tools and/or without the use of such tools. Such actions (operations) include: collection, recording, systematization, accumulation, storage, clarification (updating, modification), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction of Data.

Data security means the protection of Data from unlawful and/or unauthorized access, destruction, modification, blocking, copying, provision, distribution of Data, as well as from other unlawful actions in relation to Data.

The Company shall process and ensure the security of Data in accordance with the requirements of the Constitution of the Russian Federation, the Law, the Labor Code of the Russian Federation, bylaws, other federal laws of the Russian Federation defining the cases and peculiarities of Data processing, guiding and methodological documents of the Federal Service for Technical and Export Control of Russia and the Federal Security Service of Russia.

The subjects of the Data processed by the Company are: clients - consumers, including visitors to the https://smartunit.pro/ website owned by the Company, including for the purpose of making an application.

The Company shall process Data Subjects for the following purposes: to fulfill the functions, powers and duties assigned to the Company by the legislation of the Russian Federation in accordance with federal laws, including, but not limited to: Civil Code of the Russian Federation, Tax Code of the Russian Federation, Labor Code of the Russian Federation, Family Code of the Russian Federation, Federal Law dated 01.04.1996. No. 27-FZ “On Individual (Personified) Accounting in the Compulsory Pension Insurance System”, Federal Law No. 152-FZ “On Personal Data” dated 27.07.2006, Federal Law No. 53-FZ “On Military Duty and Military Service” dated 28.03.1998, Federal Law No. 31-FZ “On Mobilization” dated 26.02.1997. No. 31-FZ “On Mobilization Preparation and Mobilization in the Russian Federation”, Federal Law No. 14-FZ “On Limited Liability Companies” dated 8.02.1998, Federal Law No. 2300-1 dated 07.02.1992 “On Protection of Consumer Rights”, Federal Law No. 129-FZ “On Accounting” dated 21.11.1996. No. 129-FZ “On Accounting”, Federal Law of 29.11.2010 No. 326-FZ “On Compulsory Medical Insurance in the Russian Federation”, Customers - consumers in order to: provide information on goods/services, ongoing promotions and special offers; informing about the status of the order;

When processing Data, the Company adheres to the following principles: Data processing is carried out on a lawful and fair basis; Data is not disclosed to third parties and is not distributed without the consent of the Data subject, except in cases requiring disclosure of Data at the request of authorized state authorities or legal proceedings; specific legitimate purposes are defined before the start of processing (including collection) of Data; only Data that is necessary and sufficient for the stated purpose of processing is collected; data bases are merged; and Data is collected only for the purpose of processing.

The Company may include the Data of the Data Subjects in publicly available Data sources, whereby the Company takes the written consent of the Data Subject to the processing of his/her Data, or by expressing consent through a website form, by clicking on which the Personal Data Subject expresses his/her consent.

The Company does not process Data relating to race, nationality, political views, religious, philosophical and other beliefs, intimate life, membership of public associations, including trade unions.

Biometric Data (information that characterizes physiological and biological features of a person, on the basis of which it is possible to establish his/her identity and which is used by the operator to establish the identity of the Data subject) is not processed in the Company.

The Company does not carry out cross-border transfer of Data.

In cases stipulated by the legislation of the Russian Federation, the Company may transfer Data to third parties (federal tax service, state pension fund and other state bodies) in cases stipulated by the legislation of the Russian Federation.

The Company has the right to entrust the processing of Data Subjects' Data to third parties with the consent of the Data Subject on the basis of an agreement concluded with such parties, including consent to the User Agreement and the Personal Data Processing Policy posted on the website.

Persons processing Data on the basis of a contract (operator's order) concluded with the Company undertake to comply with the principles and rules of Data processing and protection provided by the Law. For each third party, the contract defines the list of actions (operations) with Data to be performed by the third party processing the Data, the purposes of processing, establishes the obligation of the third party to maintain confidentiality and ensure the security of Data during their processing, and specifies the requirements for the protection of processed Data in accordance with the Law.

In order to fulfill the requirements of the applicable laws of the Russian Federation and its contractual obligations, the Company processes Data both with and without the use of automation tools. The totality of processing operations includes collection, recording, systematization, accumulation, storage, clarification (update, change), extraction, use, transfer (provision, access), depersonalization, blocking, deletion, destruction of Data.

The Company is prohibited from making decisions based solely on automated processing of Data that give rise to legal consequences in relation to the Data subject or otherwise affect his/her rights and legitimate interests, except in cases provided for by the legislation of the Russian Federation.

The Data Subject whose Data is processed by the Company has the right:

- receive from the Company: confirmation of the fact of Data processing and information on the availability of Data related to the respective Data Subject; information on the legal basis and purposes of Data processing; information on the methods of Data processing applied by the Company; information on the name and location of the Company; information on persons (except for Company employees) who have access to Data or to whom Data may be disclosed on the basis of a contract with the Company or on the basis of federal law; a list of the Data processed related to the Data Subject

- to demand from the Company: to clarify his/her Data, block or destroy it if it is incomplete, outdated, inaccurate, illegally obtained or not necessary for the stated purpose of processing; to withdraw his/her consent to the processing of Data at any time; to demand the elimination of unlawful actions of the Company in relation to his/her Data; to appeal against actions or omissions of the Company to the Federal Service for Supervision of Communications, Information Technology and Mass Media (Roskomnadzor) or in court in the case of a violation of his/her rights and legitimate interests, including compensation for losses and/or compensation for moral damage in court.

- to protect his/her rights and legitimate interests, including compensation for losses and/or compensation for moral damage in court.

In the process of Data processing, the Company is obliged to: provide the Data subject, upon his/her request, with information concerning the processing of his/her Data, or legally refuse to do so within thirty days from the date of receipt of the Data subject's or his/her representative's request; explain to the Data subject the legal consequences of refusing to provide Data, if the provision of Data is mandatory in accordance with federal law; provide the Data subject with the following information prior to the commencement of Data processing (if the Data is not received from the Data subject)

1) name or surname, name, patronymic and address of the Company or its representative;

2) the purpose of Data processing and its legal basis;

3) the intended users of the Data;

4) the rights of Data subjects established by law;

5) the source of obtaining Data. to take the necessary legal, organizational and technical measures or ensure their adoption to protect Data from unlawful or accidental access, destruction, modification, blocking, copying, provision, dissemination of Data, as well as from other unlawful actions in relation to Data; to publish on the Internet and provide unrestricted access via the Internet to the document defining its policy in relation to Data processing, to the information on the protection requirements implemented by the Company and to the data protection policy.

Provide Data subjects and/or their representatives with the opportunity to familiarize themselves with the Data upon request within 30 days from the date of receipt of such a request; block the unlawfully processed Data related to the Data subject or ensure their blocking (if the Data processing is carried out by another person acting on behalf of the Company) from the moment of request or receipt of a request for the period of verification, in case of detection of unlawful processing of Data upon request of the Data subject or his/her representative; cease unlawful processing of Data or ensure the cessation of unlawful processing of Data by a person acting on behalf of the Company, in case of detection of unlawful processing of Data carried out by the Company or a person acting on the basis of a contract with the Company, within a period not exceeding 3 working days from the date of such detection; cease processing of Data or ensure its cessation (if the processing of Data is carried out by another person acting on the basis of a contract with the Company) and destroy it

Data or ensure their destruction (if Data processing is carried out by another person acting under a contract with the Company) after the purpose of Data processing has been achieved, unless otherwise provided for in the contract to which the Data subject is a party, beneficiary or guarantor, if the purpose of Data processing has been achieved; stop Data processing or ensure its termination and destroy Data or ensure their destruction if the Data subject revokes his/her consent to Data processing, if the Company does not have the right to carry out Data processing, or if the Data subject revokes his/her consent to Data processing, if the Company does not have the right to carry out Data processing.

When processing Data, the Company takes the necessary legal, organizational and technical measures to protect Data from unlawful and/or unauthorized access to it, destruction, modification, blocking, copying, provision, distribution of Data, as well as from other unlawful actions in relation to Data.

Such measures, in accordance with the Law, include, in particular: appointment of the person responsible for organizing the processing of Data and the person responsible for ensuring Data security; development and approval of local acts on the processing and protection of Data; application of legal, organizational and technical measures to ensure Data security:

• Identification of threats to the security of Data during their processing in personal data information systems;


• application of organizational and technical measures to ensure the security of Data during their processing in personal data information systems, necessary to meet the requirements for the protection of Data, the execution of which ensures the levels of Data protection established by the Government of the Russian Federation;


• use of information protection means that have passed the conformity assessment procedure in accordance with the established procedure;


• assessment of the effectiveness of the measures taken to ensure the security of Data prior to the commissioning of the personal data information system;


• accounting of machine data carriers, if the Data is stored on machine data carriers;


• detecting unauthorized access to Data and taking measures to prevent such incidents in the future;


• recovery of Data modified or destroyed due to unauthorized access to it;


• establishing the rules of access to the Data processed in the personal data information system, as well as ensuring the registration and recording of all actions performed with the Data in the personal data information system. control over the measures taken to ensure Data security and the level of protection of personal data information systems;


• assessment of the harm that may be caused to Data subjects in case of violation of the requirements of the Law, the correlation between the said harm and the measures taken by the Company to ensure fulfillment of the obligations stipulated by the Law;


• observance of conditions preventing unauthorized access to the material carriers of Data and ensuring the safety of Data;


• Familiarization of the Company's employees who directly process Data with the provisions of the Russian Federation Data legislation, including Data protection requirements, local acts on Data processing and protection, and training of the Company's employees.

Data processing (storage) terms are determined based on the purposes of Data processing, in accordance with the term of the agreement with the Data subject, the requirements of federal laws, the requirements of Data operators, on behalf of whom the Company processes Data, the basic rules of work of archives of organizations, statutes of limitation.

Data whose processing (storage) period has expired shall be destroyed, unless otherwise provided for by federal law. Storage of Data after termination of their processing is allowed only after their depersonalization.

Persons whose Data is processed by the Company may obtain clarifications on the processing of their Data by contacting the Company in person or by sending a written request to the Company's registered office at the following address: 1 Lenin Ave. 706, Yakutsk, Republic of Sakha (Yakutia), 677000, Republic of Sakha (Yakutia). If an official request is sent to the Company, the text of the request must include: the surname, first name, patronymic of the Data Subject or his/her representative; the number of the main identity document of the Data Subject or his/her representative, information about the date of issue of this document and the issuing authority; information confirming the Data Subject's relationship with the Company; information for feedback in order for the Company to respond to the request; signature of the Data Subject (or his/her representative). If the request is sent electronically, it must be executed as an electronic document and signed with an electronic signature in accordance with the legislation of the Russian Federation.

The Company processes Data coming from users of the Website from the resource: https://smartunit.pro/ (hereinafter - the Website), as well as those coming to the Company's e-mail addresses web@smartunit.pro.

Сбор Данных Существуют два основных способа, с помощью которых Компания получает Данные с помощью сети Интернет:

1. Предоставление Данных Предоставление Данных (самостоятельный ввод данных): фамилия имя отчество электронная почта номер телефона Страна Область Город Район города Индекс Адрес Компания Факс E-mail Комментарий

2. Субъектами Данных путем поступления на адрес электронной почты Компании: web@smartunit.pro.

Automatically collected information The Company may collect and process information that is not personal data: ip address information about the interests of users on the Site on the basis of entered search queries of users of the Site about the goods sold and offered for sale by the Company in order to provide relevant information to the Company's customers when using the Site, as well as the generalization and analysis of information about what sections of the Site and goods are in the greatest demand among the Company's customers; processing and storage of search queries; processing and storage of information about the interests of users on the Site. The Company automatically receives some types of information received in the course of users' interaction with the Site, e-mail correspondence, etc. This refers to technologies and services such as web protocols, cookies, web tags, and applications and tools of a specified third party. That said, web tags, cookies and other monitoring technologies do not automatically make it possible to receive Data. If a user of the Site provides their Data at their own discretion, for example when filling out a feedback form or sending an e-mail, only then are processes for automatically collecting detailed information triggered for the usability of the web sites and/or to improve user interaction.

Use of Data The Company has the right to use the provided Data in accordance with the stated purposes of its collection with the consent of the Data subject, if such consent is required in accordance with the requirements of the legislation of the Russian Federation in the field of Data. The Data obtained in generalized and anonymized form may be used to better understand the needs of customers of goods and services sold by the Company and to improve the quality of service.

Data transfer The Company may entrust the processing of Data to third parties only with the consent of the Data subject. Data may also be transferred to third parties in the following cases: a) As a response to lawful requests of authorized public authorities, in accordance with laws, court decisions, etc. b) Data may not be transferred to third parties for marketing, commercial and other similar purposes, except with the prior consent of the Data subject.

The Site contains links to other web resources, which may contain useful and interesting information for the Site users. This Policy does not apply to such other sites. Users who follow links to other websites are advised to familiarize themselves with the Data Processing Policies posted on such websites.

The User of the Website may withdraw his/her consent to the processing of Data at any time by sending a message to the Company's e-mail address: web@smartunit.pro, or by sending a written notice to the Company's address: 677000, Republic of Sakha (Yakutia), Yakutsk, Lenin Avenue, 1, office 706. Upon receipt of such notice, the processing of User Data will be terminated and the User Data will be deleted, unless the processing may be continued in accordance with the law. Final provisions This Policy is a local regulatory act of the Company. This Policy is publicly available. Public availability of this Policy is ensured by publication on the Company's Website. This Policy may be revised in any of the following cases: in case of changes in the legislation of the Russian Federation in the field of processing and protection of personal data; in case of receiving instructions from competent state authorities to eliminate inconsistencies affecting the scope of the Policy; by decision of the Company's management; in case of changes in the purposes and terms of Data processing; in case of changes in the organizational structure, the structure of information and/or telecommunication systems (or introduction of new ones); in case of application of new technologies.

In case of failure to comply with the provisions of this Policy, the Company and its employees shall be liable in accordance with the applicable laws of the Russian Federation. Control over compliance with the requirements of this Policy shall be exercised by persons responsible for the organization of the Company's Data processing, as well as for the security of personal data.