Policy regarding the processing of personal data

1. General Provisions

The present Policy regarding the processing of personal data (hereinafter "the Policy") has been prepared in compliance with paragraph 2 of Article 18.1 of the Federal Law of the Russian Federation No. 152-FZ "On Personal Data", dated 27 July 2006, and is valid in respect of all personal data (hereinafter "Data"), which Viterra Rus LLC (hereinafter "the Company") may receive from a subject of personal data in the course of the performance of labour and other contractual relations.

The Policy applies to Data received both before and after the approval of the present Policy.

The Policy also applies to the cross-border transfer of Data, by which is to be understood the transfer of data to a government agency of a foreign country on the territory of a foreign country, to a foreign individual or to a foreign legal entity.

 

2. Data processed by the Company

2.1. For the purposes of the present Policy, Data are to be understood to mean:

- Data of Company employees,

- Data of customers of the Company.

2.2. The length of time for which Data of Russian citizens are stored is determined by an employment contract, the provisions of contracts concluded with a subject of personal data, and the requirements of federal legislation of the Russian Federation.

 

3. Goals of Data processing 

3.1The Company collects and stores Data of subjects of personal data, which are necessary in order to comply with the provisions of labour legislation of the Russian Federation or of contractual relations.

 

4. Conditions for processing of Data and their transfer to third parties

4.1 Processing of personal data by the Company is carried out with observance of the principles and rules set out by federal legislation and by the present Policy. 

4.2 The Company has the right to transfer the Data of subjects of personal data to third parties in cases provided for by the legislation of the Russian Federation, as well as to government bodies and services for the purposes of performance by the Company of contractual relations with a subject of personal data.

4.3 The Company is guided in the processing of the Data of subjects of personal data by the Federal Law of the Russian Federation No. 152 "On Personal Data", dated 27 July 2006, and by the present Policy.

 

5. Principles of the processing of data

5.1 Processing of data on a legal and fair basis

Data must be properly processed by the Company in compliance with applicable legislation and with the present Policy. The Company and its officials, if they are found to be at fault, bear responsibility as provided for by the laws of the Russian Federation for breaching rules that govern the receipt, processing and protection of Data.

5.2 Transparency of processing of Data 

A subject of personal data has the right to receive information from the Company concerning the processing of his Data in the manner, scope and time limits provided for by the laws of the Russian Federation and by the Company's internal documents.

5.3 The processing of data is limited to the achievement of specific, previously defined and lawful goals

Data processing that is incompatible with the goals of Data collection is not permitted. The content and amount of Data processed must correspond to the stated goals of its processing. Data that are processed should not be excessive in relation to the declared goals of their processing.

5.4 Accuracy, adequacy and relevance of Data with respect to the goals of their processing 

When processing Data, the Company ensures the accuracy of the Data, its sufficiency, and, in required cases, its relevance to the goals of processing. Processed Data are to be destroyed or depersonalized upon achievement of the goals of processing, or if the achievement of these goals is no longer required, unless otherwise provided for by federal legislation of the Russian Federation. The Company ensures that necessary measures are taken to delete or update incomplete or inaccurate Data. 

5.5 Security in Data processing

The Company implements and applies appropriate technical and organizational measures to ensure the security of Data. These measures are designed to protect Data from unauthorized access, illegal processing and disclosure, as well as from accidental loss, alteration or destruction

5.6 Confidentiality and protection of Data 

The Company is obliged not to disclose to third parties or disseminate Data without the consent of the subject of personal data, unless otherwise provided for by federal legislation of the Russian Federation. The Company takes necessary and sufficient measures to protect Data from unauthorized or accidental access, destruction, alteration, blocking, copying, distribution, and from other unlawful actions with it by third parties.

 

6. Alteration of Data

6.1 The Company has the right to enter, add to, alter, block or delete the personal data of a Company employee or counterparty as provided for by the laws of the Russian Federation.

 

7. Alteration of the Policy. Applicable law

7.1 The Company has the right to make amendments to the present Policy. When amendments are made, the date of the latest amendments is shown in the title of the Policy. The amended version of the Policy comes into force from the time of its publication on the Company website, unless otherwise provided for by the amended version of the Policy.

7.2 The current version of the Policy is kept at the address of the executive body of the Company, which is: 107140, Moscow, Moskovsko-Kazansky lane, 11-15 room 30, and the electronic version of the Policy is available on the website of the Company at the address: http://www.viterrarussia.com. 

7.3 The applicable law for the present Policy and for relationships between subjects of personal data and the Company is the law of the Russian Federation.

 

8. Contacts

8.1 Email address: igc.reception@viterra.com

8.2 Postal address: 3, Poklonnaya str., bld.4, section E3, floor 3, Moscow, 121170, the Russian Federation

8.3 Telephone: +7 (495) 960-20-63