East Mining Company LLC Data Processing and Security Policy
The policy regarding the processing of the personal data (hereinafter referred to as the Policy) shall be aimed at protecting the rights and freedoms of individuals whose the personal data are processed by East Mining Company LLC (taxpayer identification number 7705974044, principal state registration number 5117746057941) (hereinafter referred to as the “Company”).
In accordance with the Russian Federation laws in effect, the Company shall act as the operator of the personal data. When organizing and processing the processing of the personal data, the Company shall comply with the requirements of Federal the personal data Act No. 152-FZ dated July 27, 2006 and other legal regulatory acts adopted in accordance therewith.
For the purposes of this Policy, the personal data shall mean means any information provided through the web sites of the Company and (or) collected using such web sites related to a directly or indirectly defined, or determined to an individual (personal data subject).
The Company's site https://www.eastmining.ru/ shall store some statistical information that is automatically transmitted during the viewing of ad units and when visiting pages:
- IP address of the user;
- Information from cookies;
- Type of browser;
- Date, time and number of visits;
- Address of the site from which the user made the transition to the site of the Company;
- Information about the location;
- Information about visited pages, about viewing advertising banners;
- Information provided by the browser of the subject of the personal data (device type, browser type and version, operating system, etc.).
The Company's site shall collect the statistics about the IP addresses of its visitors. This information shall be used to identify and solve technical problems.
Principles and conditions for the processing of the personal data
The processing of the personal data in the Company shall be carried out on a legal and fair basis and limited by achievement of the specific, predefined and legal purposes.
The processing shall cover only the personal data, which meet the purposes of their processing. The content and volume of the personal data processed in the Company shall correspond to the stated processing objectives; no redundancy of the processed the personal data shall be allowed.
When processing the personal data, the Company shall ensure the accuracy of the personal data, their sufficiency and, if necessary, the relevance to the purposes of processing the personal data. The Company shall undertake the necessary efforts (ensure adoption thereof) in order to remove or update any incomplete or inaccurate the personal data.
In the course of its activities, the Company may provide and (or) entrust processing of the personal data to another person with the consent of the personal data subject, unless otherwise may be provided by the laws of the Russian Federation with respect to the personal data. At the same time, an obligatory condition for granting and (or) ordering the processing of the personal data to another person shall comprise the obligation of the parties to observe confidentiality and ensure the security of the personal data when processing them.
The processing times for the personal data shall be determined in accordance with the purposes for which they were collected.
Processing of the personal data of subjects of the personal data
The Company shall process the personal data of subjects of the personal data of vacant positions (hereinafter referred to as the personal data subjects), which are entered into the data fields on the website https://www.eastmining.ru/.
- The Company shall process the personal data of subjects including, but not limited to:
- Full Name;
- Passport data;
- Registered address and place of residence;
- Date of birth;
- Contact phone number, registered address, address of residence;
Implementation of the requirement for the protection of the personal data
In order to maintain its business reputation and ensure compliance with the requirements of federal laws, the Company shall assume the most important tasks being provision of the legal processing of the personal data in the Company's business processes and provision of the appropriate level of security with respect to the personal data processed in the Company.
The Company shall require other persons who may have access to the personal data not to disclose to any third parties or distribute the personal data without the consent of the subject of the personal data, unless otherwise provided by federal act.
In order to ensure the security of the personal data in the course of processing the same, the Company shall undertake the necessary and sufficient legal, organizational and technical measures in order to protect the personal data from unauthorized or accidental access, destruction, modification, blocking, copying, provision, distribution of the personal data, as well as from other wrongful acts against them.
The Company shall seek to ensure that all the measures implemented by it for the organizational and technical protection of the personal data are carried out on legal grounds, in particular, in accordance with the requirements of the laws of the Russian Federation with respect to processing of the personal data.
In order to ensure adequate protection of the personal data, the Company shall carry out an assessment of the harm that may be caused to the personal data subjects in the event of a breach of the security of their the personal data as well as determine the current threats to security of the personal data when processed by the personal data processing systems.
In accordance with the identified actual threats, the Company shall undertake the necessary and sufficient legal, organizational and technical measures in order to provide security of the personal data, in particular, by means of the information security tools, detection of unauthorized access to the personal data and measures to be provided for restoration of the personal data, restriction of access to the personal data, registration and recording of actions with the personal data, as well as monitoring and evaluation of the effectiveness of measures applied to provide the security of the personal data.
The Company's management shall be aware of the importance and necessity of ensuring security of the personal data and encourage the continuous improvement of the system for protection of the personal data processed within the framework of the Company's core business.The Company shall be responsible for the organization of processing and ensuring the security of the personal data.
Each new employee of the Company who may directly process the personal data shall be familiarized with the requirements of the laws of the Russian Federation with respect to processing and ensuring the security of the personal data, this Policy, and other local acts of the Company with respect to processing and security of the personal data and undertake to comply therewith.
Rights of subjects of the personal data
The subject of the personal data shall reserve the following rights:
- to receive the personal data relating to this subject and information regarding processing thereof;
- to clarify, block or destroy the own personal data if they are incomplete, obsolete, inaccurate, illegally obtained or are not necessary for the stated purpose of such processing;
- to protect the own rights and legal interests, including indemnification with respect to losses and compensation for the moral harm at the court;
- to claim against any actions or omissions of the Company to the authorized body for protection of the rights of subjects of the personal data or to the court.
In order to exercise the own rights and legal interests, the personal data subjects shall reserve the right to appeal to the Company by mailing to the Company’s address or by e-mail: firstname.lastname@example.org.