PERSONAL DATA PROCESSING AND PROTECTION POLICY

 

This Personal Data Processing and Protection Policy (hereinafter referred to as the Policy) describes how the Greenlight Limited Liability Company (also referred to as "Greenlight", "we", "our") processes personal data on the Greenlight website.

Greenlight strives to preserve the inviolability of your personal information and the confidentiality of your personal data.

By downloading our website on your computer, mobile device, and entering your personal data into web forms, you voluntarily provide your unconditional, informed, and conscious consent to the collection, processing, storage, use, and subsequent transfer of your personal data to the Greenlight CRM system.

You can use these contacts to promptly contact us regarding the processing of personal data.:

123 Karl Marx St., room No. 3, Krasnoyarsk, 660049

8(391)223-85-85, 8(391)290-40-49

info@grlight.ru

Greenlight processes personal data on the website www.grlight.ru and in the 1C-Bitrix24 computer program (the Greenlight CRM system). We attach great importance to protecting your privacy and the security of your personal data.

Greenlight assumes that the User acts in good faith, prudently, provides reliable and sufficient personal information and makes all necessary efforts to keep such information up to date.

We comply with the requirements of Russian legislation in the field of personal data. When processing personal data, we adhere to the principles set out in art. 5 of Federal Law No. 152-FZ dated 27.07.2006 "On Personal Data" (hereinafter – FZ-152).

We ask you to carefully study the Policy in order to understand for what purposes we process your personal data, as well as how you can exercise your rights with respect to your personal data processed by us.

If you have any questions related to the Policy, including suggestions for improving its understanding and navigation, or have questions about our processing and protection of your personal data, you can contact us using one of the methods listed in the section "How you can exercise your rights".

Terms that you may find in our Policy:

Personal data is any information related directly or indirectly to a specific or identifiable natural person (personal data subject).

Personal data operator (operator) is a state body, municipal body, legal entity or individual who independently or jointly with other persons organize and (or) process personal data, as well as determine the purposes of personal data processing, the composition of personal data to be processed, and actions (operations) performed with personal data.

Personal data processing is any action (operation) or set of actions (operations) with personal data performed with or without automation tools. The processing of personal data includes, among other things: collection, recording, systematization, accumulation, storage, clarification (updating, modification), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction.

Automated personal data processing is the processing of personal data using computer technology.

Dissemination of personal data is an action aimed at disclosing personal data to an unspecified group of people.

Providing personal data is an action aimed at disclosing personal data to a specific person or a specific group of people.

Blocking of personal data is the temporary termination of the processing of personal data (except in cases where the processing is necessary to clarify personal data).

Destruction of personal data – actions as a result of which it becomes impossible to restore the content of personal data in the personal data information system and (or) as a result of which the material carriers of personal data are destroyed.

Depersonalization of personal data is an action that makes it impossible to determine whether personal data belongs to a specific personal data subject without using additional information.

The personal data information system is a set of personal data contained in databases and ensuring their processing, information technologies and technical means.

Cross–border transfer of personal data is the transfer of personal data to the territory of a foreign state to an authority of a foreign state, a foreign individual or a foreign legal entity.

Scope of application

The Policy is intended to inform you about our actions to collect, process and protect your personal data in order to achieve our stated goals of processing personal data on the site. www.grlight.ru . The purposes of processing personal data are indicated in the section "For what, for how long, on what basis and what your data we process".

Please note that our website may contain links to resources from other service providers that we do not control and that are not covered by the Policy.

Collection of personal data of minors

Our website is not intended for processing personal data of minors. Greenlight does not provide services to persons under the age of 18. If you have reason to believe that a minor has provided us with his personal data through the website, please let us know by emailing info@grlight.ru .

Why, for how long, on what basis, and what kind of your data we process

If you visit our website, we will process the following data:

- about the user's device (operating system), user clicks, your city, page views, field filling, banner and video views, data characterizing audience segments, session parameters, and visit time data.

If you contact us through the feedback forms on our website, we will process your data to respond to your request.

We will use your:

- name;

- last name;

- company name;

- e-mail (e-mail);

- phone number;

If your transportation order is posted on our website by filling out feedback forms, we will use your following data (the data is needed in order to calculate the optimal customs rate, rate and route of transportation):

- points of departure and receipt of cargo;

- company name;

- cargo name;

- name;

- cargo weight;

-        e-mail;

- quantity;

- phone number.

Your consent, which is given by ticking the box under the feedback form, is the basis:

- processing of the listed personal data, including in the CRM system "Greenlight" (in the computer program "1C-Bitrix24", where the processor under the contract for the processing of personal data is 1C-Bitrix LLC (TIN 7717586110, address: 109544, Moscow, b-r Enthusiasts, D.2, 13th fl., pom. 8-19). In this case, the handler will perform the following actions during the execution of the order: accumulation, storage, and destruction of personal data.

The purpose of personal data processing is the preparation, conclusion and execution of a civil contract. (Including sending information about the Operator's services to the personal data subject with his consent).

The personal data processed for this purpose does not belong to special categories or biometric in accordance with Articles 10-11 FZ-152 and is processed both without the use of automation tools and with their use.

During the processing of personal data, the following actions will be performed:: collection; recording; systematization; accumulation; storage; refinement (updating, modification); extraction; use; blocking; destruction.

We will destroy your personal data if there is an appropriate legal basis in accordance with Part 4 of art. 21 FZ-152. If we conclude a contract with you, we will continue to process your personal data in order to fulfill it.

Upon achievement of the specified processing purpose, or other grounds provided for by FZ-152 arise, your personal data will be destroyed by erasing or shredding in a shredder during non-automated processing.

Your rights when processing personal data

In accordance with FZ-152, you have the right to:

- access to personal data;

- clarification of personal data;

- blocking and destruction of personal data;

- appealing against our actions and our inaction;

- appeal against decisions based solely on automated processing of personal data;

- withdrawal of consent to the processing of personal data.

In the course of exercising your rights, we may request additional information that will allow us to reliably identify you. Such information will be required in rare cases. We try to request the minimum necessary amount of additional information for your identification. We will not be able to exercise your rights if you do not provide additional identification information in response to our request.

Conditions for providing information about your rights:

If your request is unreasonable or excessive, in particular due to its repetitive nature, we may refuse to respond.

The right to access your personal data:

You have the right to receive reliable information from us about the processing of your personal data, and, if possible, access to your personal data and the following information:
- Confirmation of the fact of personal data processing by the operator;

- Legal grounds and purposes of personal data processing;

- The purposes and methods of personal data processing used by the operator;

- The name and location of the operator, information about persons (positions) who have access to personal data or to whom personal data may be disclosed on the basis of an agreement with the operator or on the basis of federal law;

- The processed personal data related to you, the source of their receipt;

- Terms of processing, including the terms of storage of personal data;

- The procedure for exercising your rights in accordance with FZ-152;

- Information about the transborder data transfer that has been carried out or is expected to be carried out;

- The name/full name and address of the person who processes personal data on behalf of the operator, if the processing is or will be entrusted to such a person.

The right to clarify your personal data

We take measures to identify inaccurate, incomplete, outdated data. If the data is inaccurate, incomplete or outdated, you have the right to request that we correct the data concerning you without undue delay. After correcting your personal data, we will notify you about it.

The right to appeal against our actions or our omissions

You have the right to object to the processing of your personal data in response to our actions/omissions. To do this, you can contact the Roskomnadzor territorial authority in your region.

The right to appeal against decisions based solely on automated processing of personal data.

You have the right not to be subjected to a decision based solely on automated processing, including profiling, which entails legal consequences for you or similarly significantly affects you.

You have the right to contact us to appeal against our actions when making decisions based solely on automated processing of personal data, if any.

The right to revoke consent to the processing of personal data

If your data is processed on the basis of consent, you have the right to revoke it.

How can you exercise your rights:

1. Write a request to our address: 123 Karl Marx St., room No. 3, Krasnoyarsk, 660049, specifying in it the details of your passport, your full name, information about our relationship with you, during which we received your personal data. Please do not forget to sign your request.;

2. You can send a request by e-mail info@grlight.ru . In this case, the request must be signed with an enhanced qualified electronic signature so that we can verify that the request is indeed coming from you.;

3. You can also call us by phone 8(391)223-85-85, 8(391)290-40-49.

Please note that the contacts indicated in this paragraph are used only for interaction regarding the processing and protection of your personal data. Requests sent by you to the contacts specified in the Policy that are not related to data protection will not be considered.

How and when can we restrict your rights

We may limit the scope of our obligations and your rights (to access, clarify, block, or destroy data) in the following cases:

- The processing of personal data, including personal data obtained as a result of operational search, counterintelligence and intelligence activities, is carried out for the purposes of national defense, state security and law enforcement;

- Personal data is processed by the authorities that have detained the subject of personal data on suspicion of committing a crime, or have charged the subject of personal data in a criminal case, or have applied a preventive measure to the subject of personal data prior to the indictment, except in cases provided for by the criminal procedure legislation of the Russian Federation, if it is allowed to familiarize the suspect or accused with such personal data;

- Personal data is processed in accordance with the legislation on countering the legalization (laundering) of proceeds from crime and the financing of terrorism;

- The access of the personal data subject to his personal data violates the rights and legitimate interests of third parties;

- Personal data is processed in cases stipulated by the legislation of the Russian Federation on transport security in order to ensure the stable and safe functioning of the transport complex, protect the interests of individuals, society and the state in the field of transport complex from acts of unlawful interference.

When we have legitimate grounds to continue processing your personal data

There are special conditions for the realization of certain rights, without which the right cannot be realized. If we are unable to exercise your right at your request, we will write you a reasoned refusal.

Cookies and other online identifiers

To improve our site and ensure the best possible provision of services to you on your computer or mobile device, as well as to enable you to navigate our site quickly and easily, we process data such as your IP address, information about your browser and operating system, data from cookies and Yandex.Metrica, and other similar information. information.

Such data is transmitted by your device from which you open our website, and is automatically used by us solely for statistical purposes, to analyze ways to improve the quality of Greenlight services.

On the website www.grlight.ru The following cookies are used:

Data before scrolling

name: _ym_visorc

path: /

value: w

domain: .grlight.ru

expiry: 1699503823

secure: True

httpOnly: False

sameSite: None

name: _gat_gtag_UA_140328621_1

path: /

value: 1

domain: .grlight.ru

expiry: 1699502083

secure: False

httpOnly: False

name: _gid

path: /

value: GA1.2.244159807.1699502023

domain: .grlight.ru

expiry: 1699588423

secure: False

httpOnly: False

name: _ga

path: /

value: GA1.2.1538590138.1699502023

domain: .grlight.ru

expiry: 1762574023

secure: False

httpOnly: False

name: BX_USER_ID

path: /

value: c5b6fc882493a5a28660d835e5650836

domain: www.grlight.ru

expiry: 2014862023

secure: False

httpOnly: False

name: _ym_uid

path: /

value: 16995020238049127

domain: .grlight.ru

expiry: 1731038022

secure: True

httpOnly: False

sameSite: None

name: _ga_S0GTX0H8TL

path: /

value: GS1.1.1699502022.1.0.1699502022.60.0.0

domain: .grlight.ru

expiry: 1762574022

secure: False

httpOnly: False

name: _ym_d

path: /

value: 1699502023

domain: .grlight.ru

expiry: 1731038022

secure: True

httpOnly: False

sameSite: None

name: PHPSESSID

path: /

value: 486b9329c152899686412fa113ea97c7

domain: www.grlight.ru

secure: False

httpOnly: True

Data after scrolling

name: _ym_visorc

path: /

value: w

domain: .grlight.ru

expiry: 1699503823

secure: True

httpOnly: False

sameSite: None

name: _gat_gtag_UA_140328621_1

path: /

value: 1

domain: .grlight.ru

expiry: 1699502083

secure: False

httpOnly: False

name: _gid

path: /

value: GA1.2.244159807.1699502023

domain: .grlight.ru

expiry: 1699588423

secure: False

httpOnly: False

name: _ga

path: /

value: GA1.2.1538590138.1699502023

domain: .grlight.ru

expiry: 1762574023

secure: False

httpOnly: False

name: BX_USER_ID

path: /

value: c5b6fc882493a5a28660d835e5650836

domain: www.grlight.ru

expiry: 2014862023

secure: False

httpOnly: False

name: _ym_uid

path: /

value: 16995020238049127

domain: .grlight.ru

expiry: 1731038022

secure: True

httpOnly: False

sameSite: None

name: _ga_S0GTX0H8TL

path: /

value: GS1.1.1699502022.1.0.1699502022.60.0.0

domain: .grlight.ru

expiry: 1762574022

secure: False

httpOnly: False

name: _ym_d

path: /

value: 1699502023

domain: .grlight.ru

expiry: 1731038022

secure: True

httpOnly: False

sameSite: None

name: PHPSESSID

path: /

value: 486b9329c152899686412fa113ea97c7

domain: www.grlight.ru

secure: False

httpOnly: True

 

Disclaimers

Data privacy

The personal data that we collect and store is considered confidential information. They are protected from loss, alteration or unauthorized access according to the legislation of the Russian Federation in the field of personal data. To do this, we use technical means and organizational measures. We are constantly improving our data protection.

Ensuring the fulfillment of the operator's duties and measures to protect personal data
The security of personal data processed by the Operator is ensured by the implementation of legal, organizational and technical measures necessary to meet the requirements of federal legislation in the field of personal data protection.

The following organizational and technical measures are applied by the Operator to prevent unauthorized access to personal data:

- appointment of a person responsible for the organization of personal data processing;

- appointment of a person responsible for ensuring the security of personal data in information systems;

- limitation of the number of persons allowed to process personal data;

- familiarization of subjects with the requirements of federal legislation and regulatory documents of the Operator for the processing and protection of personal data;

- organization of accounting, storage and handling of media containing information with personal data;

- identification of threats to the security of personal data during their processing, formation of a threat model based on them;

- development of a personal data protection system based on a threat model;

- checking the availability and effectiveness of information security tools;

- differentiation of user access to information resources and software and hardware information processing facilities;

- use of anti-virus tools and personal data protection system recovery tools;

- the use of inter-network shielding, intrusion detection, and information security analysis, if necessary;

- organization of access control to the Operator's territory, protection of premises with technical means of personal data processing.

Final provisions

Other rights and obligations of the Operator in connection with the processing of personal data are determined by the legislation of the Russian Federation in the field of personal data.

The Operator's employees who are guilty of violating the rules governing the processing and protection of personal data are subject to disciplinary, administrative, civil or criminal liability in accordance with the procedure established by the federal laws of the Russian Federation.

Policy Change

We reserve the right to make changes to our Policy at any time, including, but not limited to, in cases where the relevant changes are related to changes in applicable law, as well as when the relevant changes are related to changes in the operation of Greenlight or the site. www.grlight.ru . The new Policy comes into force on the day it is published on the website.

The date of the last revision of the Policy is 02.12.2023.
We use cookies for fast and convenient operation of the site. By continuing to use the site, you accept terms of personal data processing and agree to receive information materials
Cогласны получать информационные материалы.                                                  

Яндекс.Метрика