Privacy Policy for Personal Data Processing
1. General ProvisionsThis personal data processing policy is drafted in accordance with the Federal Law No. 152‑FZ “On Personal Data” dated July 27, 2006 (the “Personal Data Law”) and defines the procedures for processing personal data and the security measures taken by Olzhabay Kamilla (the “Operator”).
1.1. The Operator considers as a top priority ensuring the rights and freedoms of individuals when processing their personal data, including privacy, personal and family secrecy.
1.2. This policy applies to all information the Operator may receive from visitors of the website https://kamilladesign.com/eng.
2. Key Terms Used in This Policy2.1. Automated processing of personal data: processing using computing equipment.
2.2. Blocking of personal data: temporary suspension of data processing (except for clarifying purposes).
2.3. Website: the graphic and informational materials, software and databases accessible at https://kamilladesign.com/eng.
2.4. Personal data information system: a set of databases and technologies enabling the processing of personal data.
2.5. De-identification: actions making it impossible to identify a data subject without additional information.
2.6. Processing of personal data: any action(s) performed with personal data, automated or not, including collection, storage, alteration, use, transfer, anonymization, blocking, deletion, etc.
2.7. Operator: a legal entity or individual who determines purposes, methods, scope, and handling of personal data.
2.8. Personal data: any information directly or indirectly related to a specific, identifiable user of https://kamilladesign.com/eng.
2.9. Personal data permitted for public dissemination: data that the subject has agreed to share publicly.
2.10. User: any visitor of https://kamilladesign.com/eng.
2.11. Provision of personal data: actions aimed at disclosing data to a specific person or group.
2.12. Dissemination of personal data: any actions leading to disclosure to an unspecified number of persons.
2.13. Cross-border transfer of personal data: transfer to foreign states, authorities, or entities.
2.14. Destruction of personal data: irreversible deletion making recovery impossible.
3. Operator's Rights and Obligations3.1. The Operator has the right to:
  • request accurate personal data and documents from the data subject;
  • continue processing data even if consent is withdrawn, if permitted by law;
  • independently define measures required by federal law and internal regulations.
  • 3.2. The Operator must:
  • provide information about data processing upon request;
  • organize data processing in accordance with Russian law;
  • respond to data subject inquiries;
  • notify the relevant authority within 10 days upon request;
  • publish and maintain unrestricted access to this policy;
  • implement legal, organizational, and technical measures to protect data;
  • stop data disclosure or processing and destroy data when required by law;
  • fulfill additional legal obligations.
4. Rights and Responsibilities of Data Subjects4.1. Data subjects have the right to:
  • receive information about processing, except when restricted by law;
  • request correction, blocking, or destruction of data;
  • give advance consent to market promotion processing;
  • withdraw consent and request termination of processing;
  • appeal violations to authorities or courts;
  • exercise other rights under Russian law.
  • 4.2. Data subjects must:
  • provide accurate data;
  • inform the Operator of any changes or updates in their personal data.
  • 4.3. Individuals providing incorrect data or third-party data without consent bear legal responsibility.
5. Data Processing Principles5.1. Processing is conducted lawfully and fairly.
5.2. Processing is limited to specific lawful purposes.
5.3. Databases with incompatible goals cannot be merged.
5.4.–5.6. Data processed must be adequate, relevant, accurate, and kept up-to-date.
5.7. Data is retained only as long as needed, and then deleted or anonymized unless required otherwise by law.
6. Purposes of ProcessingPurpose: notifying Users via email.
Personal data: name, phone number.
Legal basis: charter documents of the Operator.
Types of processing: collection, recording, systematization, storage, destruction, and anonymization.
7. Conditions for Data Processing7.1.–7.7. Data processing is conducted with consent or when legally required (legal obligations, contract execution, public interest, or publicly available data).
8. Data Handling ProceduresThe Operator ensures data security through legal, organizational, and technical safeguards.
8.1. Data is protected from unauthorized access.
8.2. Data is never shared except by law or with user consent.
8.3. Users may correct inaccuracies via email at tokamisite@gmail.com with subject “Update Personal Data.”
8.4. Data is processed until the purpose is fulfilled or consent is withdrawn, unless required otherwise.
8.5.–8.7. Data collected by third-party services are handled per their own policies; the Operator is not responsible for them.
8.8.–8.9. Data is retained in identification form until purposes are met or consent is withdrawn.
9. Data Processing Actions9.1.–9.2. The Operator carries out the full range of data processing actions, including via automated systems and data transfer.
10. Cross-border Transfers10.1.–10.2. Before transferring abroad, the Operator must notify the data protection authority and collect necessary information from foreign entities.
11. ConfidentialityThe Operator and anyone with access must keep the data confidential unless otherwise required by law.
12. Final Clauses12.1. For questions about data processing, Users can contact tokamisite@gmail.com.
12.2. This policy is effective indefinitely until replaced by a new version.
12.3. The current version is available at https://kamilladesign.com/eng/privacy.
Made on
Tilda