Privacy Policy

1. General Provisions
This personal data processing policy is drawn up in accordance with the requirements of the Federal Law No. 152-FZ dated 27.07.2006 “On Personal Data” (hereinafter — the Personal Data Law) and defines the procedure for processing personal data and measures to ensure the security of personal data taken by Bilgich Alexandra Stanislavovna (hereinafter — the Operator).
1.1. The Operator considers compliance with the rights and freedoms of individuals during the processing of their personal data, including protection of privacy, personal and family secrets, to be a primary goal and condition for its activities.
1.2. This Operator’s policy regarding personal data processing (hereinafter — the Policy) applies to all information that the Operator may obtain about visitors of the website https://sashabilgich.com.

2. Key Terms Used in the Policy
2.1. Automated processing of personal data — processing of personal data using computing technology.
2.2. Blocking of personal data — temporary cessation of personal data processing (except when processing is necessary for clarifying personal data).
2.3. Website — a set of graphic and informational materials, as well as computer programs and databases ensuring their availability on the Internet at the address https://sashabilgich.com.
2.4. Personal data information system — a set of personal data contained in databases and information technologies and technical means ensuring their processing.
2.5. Anonymization of personal data — actions making it impossible to determine the personal data subject without additional information.
2.6. Processing of personal data — any action or set of actions performed using automation tools or without them with personal data, including collection, recording, systematization, accumulation, storage, updating, extraction, use, transfer, anonymization, blocking, deletion, and destruction of personal data.
2.7. Operator — a state body, municipal body, legal or physical person independently or jointly organizing and/or performing personal data processing, determining the purposes of processing, the personal data to be processed, and actions performed with the data.
2.8. Personal data — any information relating directly or indirectly to an identified or identifiable user of the website https://sashabilgich.com.
2.9. Personal data permitted by the personal data subject for dissemination — personal data the unlimited circle of persons can access by consent of the subject, in accordance with the Personal Data Law.
2.10. User — any visitor of the website https://sashabilgich.com.
2.11. Provision of personal data — actions aimed at disclosing personal data to a specific person or circle of persons.
2.12. Dissemination of personal data — any actions aimed at disclosing personal data to an undefined circle of persons or making them publicly available through media, information and telecommunications networks, or otherwise.
2.13. Cross-border transfer of personal data — transfer of personal data to a foreign state’s authorities, foreign individuals, or foreign legal entities.
2.14. Destruction of personal data — any actions that irrevocably destroy personal data making further recovery impossible in the information system or physical destruction of the media.

3. Main Rights and Obligations of the Operator
3.1. The Operator has the right to:
— receive accurate information and/or documents containing personal data from the subject;
— continue processing personal data without consent in cases provided by law if consent is withdrawn or a demand to stop processing is made;
— independently determine the list of necessary measures to comply with the Personal Data Law and related regulations unless otherwise provided by law.
3.2. The Operator is obliged to:
— provide the subject with information about processing upon request;
— organize processing in compliance with Russian legislation;
— respond to inquiries from subjects and their representatives per the Personal Data Law;
— provide requested information to the authorized body within 10 days;
— publish or ensure unrestricted access to this Policy;
— take legal, organizational, and technical measures to protect personal data from unauthorized access, destruction, alteration, blocking, copying, distribution, and other unlawful acts;
— cease transfer, processing, and destroy personal data as required by law;
— fulfill other duties prescribed by the Personal Data Law.

4. Main Rights and Obligations of Personal Data Subjects
4.1. Personal data subjects have the right to:
— receive information about processing except where restricted by law;
— require correction, blocking, or destruction of inaccurate, outdated, or illegally obtained data;
— impose prior consent requirements for data processing for marketing purposes;
— withdraw consent and demand cessation of processing;
— appeal unlawful actions or inactions of the Operator;
— exercise other rights provided by Russian legislation.
4.2. Personal data subjects are obliged to:
— provide truthful data about themselves;
— notify the Operator of updates or corrections to their data.
4.3. Persons providing false information about themselves or another subject without consent bear responsibility under Russian law.

5. Principles of Personal Data Processing
5.1. Processing is performed lawfully and fairly.
5.2. Processing is limited to specific, predetermined, lawful purposes. Incompatible processing is not allowed.
5.3. Databases containing data for incompatible purposes shall not be merged.
5.4. Only personal data relevant to processing purposes are processed.
5.5. The content and volume of processed data correspond to declared purposes, avoiding excessiveness.
5.6. Accuracy, sufficiency, and relevance of personal data are ensured; incomplete or inaccurate data are updated or deleted.
5.7. Personal data are stored in a form allowing identification no longer than necessary, unless otherwise established by law or contract. Data are anonymized or destroyed after achieving processing purposes.

6. Purposes of Personal Data Processing
Purpose: Informing the User via email.
Personal data: surname, name, patronymic; email address; phone numbers.
Legal grounds: contracts between the Operator and the data subject.
Types of processing: collection, recording, systematization, accumulation, storage, destruction, and anonymization.

7. Conditions for Processing Personal Data
7.1. Processing is performed with consent.
7.2. Processing is necessary for goals under international treaties or Russian law for the Operator’s functions.
7.3. Processing is necessary for justice, enforcement of court orders or other lawful acts.
7.4. Processing is necessary for contract execution involving the subject.
7.5. Processing is necessary to protect rights and interests or for public purposes without violating rights.
7.6. Processing of publicly available data by the subject or at their request.
7.7. Processing of data subject to mandatory disclosure by law.

8. Procedure for Collection, Storage, Transfer, and Other Processing
The Operator ensures personal data security through legal, organizational, and technical measures compliant with applicable legislation.
8.1. The Operator protects personal data against unauthorized access.
8.2. User personal data will never be transferred to third parties except by law or with user consent for contract execution.
8.3. Users may update their data by notifying the Operator at sashabilgich@gmail.com with the subject “Personal Data Update.”
8.4. The data processing period is determined by achieving its purposes unless otherwise stipulated. Users may withdraw consent anytime by email with the subject “Withdrawal of Consent to Personal Data Processing.”
8.5. Information collected by third-party services is stored and processed according to their own policies; the Operator is not responsible for third-party actions.
8.6. User-imposed restrictions on data dissemination or processing do not apply to public interests as defined by law.
8.7. Confidentiality of personal data is maintained by the Operator.
8.8. Personal data are stored in identifiable form no longer than necessary.
8.9. Processing may cease upon achievement of purposes, consent withdrawal, or unlawful processing detection.

9. List of Actions Performed by the Operator with Personal Data
9.1. The Operator collects, records, systematizes, accumulates, stores, updates, extracts, uses, transfers, anonymizes, blocks, deletes, and destroys personal data.
9.2. Automated processing may include transmission over telecommunications networks.

10. Cross-border Transfer of Personal Data
10.1. The Operator must notify the authorized body before beginning cross-border transfers (separately from notification on data processing).
10.2. The Operator must obtain relevant information from foreign authorities or entities before transfer.

11. Confidentiality of Personal Data
The Operator and others with access must not disclose or distribute personal data without consent unless required by law.

12. Final Provisions
12.1. Users may request clarifications regarding their data processing by contacting the Operator at sashabilgich@gmail.com.
12.2. Any changes to the Policy will be reflected in this document. The Policy is valid indefinitely until replaced by a new version.
12.3. The current Policy version is freely available at https://sashabilgich.com/privacy-policy.