Score is open 8am until 9pm. Dayli. Online orders are accepted 24/7. Store address: "Food city", Cross-dock №10, Score №1, " Live seafood"

Terms of agreement

PROTECTION POLICY AND THE PROCESSING OF PERSONAL DATA
LLC " Klimini club»
 
1. Generalities
1.1. This Policy regarding the processing of personal data (hereinafter – the policy) is drawn up in accordance with paragraph 2 of article 18.1 of the Federal law "on personal data" № 152-FZ of July 27, 2006, as well as other regulatory legal acts of the Russian Federation in the field of protection and processing of personal data and is valid for all personal data (hereinafter – the data) that the Organization (hereinafter – the operator, the Company) may receive from the subject of personal data, which is a party to the civil law agreement, from the Internet user (hereinafter-the "The policy"). – The user) while using any of the websites, services, services, programs, products or services of LLC "Klimini club", as well as from the subject of personal data consisting with the Operator in the relations regulated by the labor legislation (hereinafter – the Employee).
1.2. The operator provides protection of the processed personal data from unauthorized access and disclosure, misuse or loss in accordance with the requirements of the Federal law of July 27, 2006 № 152-FZ "on personal data".
1.3. The operator has the right to make changes to this Policy. When changes are made, the Policy header indicates the date when the revision was last updated. The new version of the Policy shall enter into force upon its posting on the website, unless otherwise provided by the new version of the Policy.
 
2. Terms and abbreviations used
Personal data – any information relating directly or indirectly to a specific or identifiable natural person (subject of personal data).
Processing of personal data – any action (operation) or a set of actions (operations) performed using automation or without the use of such means with personal data, including collection, recording, systematization, accumulation, storage, clarification (update, change), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction of personal data.
Automated processing of personal data – processing of personal data by means of computer equipment.
Information system of personal data (ISPD) – a set of personal data contained in databases and ensuring their processing of information technologies and technical means.
Personal data made publicly available by the subject of personal data – personal data, access by an unlimited number of persons to which is provided by the subject of personal data or at his request.
Blocking of personal data-temporary termination of processing of personal data (except for cases when processing is necessary to clarify personal data).
Destruction of personal data – actions as a result of which it becomes impossible to restore the content of personal data in the information system of personal data and (or) as a result of which the material carriers of personal data are destroyed.
Operator-an organization, independently or jointly with other persons, organizing the processing of personal data, as well as determining the purposes of processing of personal data to be processed, actions (operations) performed with personal data. The operator is LLC Klimini club, located at the address: ORPC "Food city" Kaluga highway 22-km, 10 Cross-dock, Shop №1.
 
3. Personal data processing
3.1. Receiving personal data.
3.1.1. All personal data should be obtained from the subject. If the subject's personal data can only be obtained from a third party, the subject must be notified or consent must be obtained.
3.1.2. The operator shall inform the subject of the purposes, the intended sources and methods of obtaining personal data, the nature of the personal data to be received, the list of actions with personal data, the period during which the consent is valid, and the procedure for its withdrawal, as well as the consequences of the subject's refusal to give written consent to their receipt.
3.1.3. Documents containing personal data are created by:
- copy of original documents (passport, education document, TIN certificate, pension certificate, etc.).);
- entering information into accounting forms;
- obtaining the originals of the necessary documents (employment record, medical report, characteristics, etc.).
3.2. Personal data processing.
3.2.1. Processing of personal data is carried out:
- with the consent of the personal data subject to the processing of his personal data;
- in cases where the processing of personal data is necessary for the implementation and performance of the functions, powers and duties assigned by the legislation of the Russian Federation;
- in cases where the processing of personal data is carried out, the access of an unlimited number of persons to which is provided by the subject of personal data or at his request (hereinafter – personal data made publicly available by the subject of personal data).
3.2.2. Purposes of personal data processing:
- implementation of labour relations;
- implementation of civil law relations;
          - to identify users (visitors) of the online store website, to communicate with the user, including sending notifications, requests and information relating to the use of the store website, execution of agreements and contracts, as well as processing requests and applications from the user.
          - depersonalization of personal data to obtain depersonalized statistical data, which are transferred to a third party for research, works or services on behalf of the store.
3.2.3. Categories of personal data subjects.
Personal data of the following personal data subjects are processed:
- individuals who are in labor relations with the Company;
- individuals who have resigned from the Company;
- natural persons who are candidates for employment;
- individuals who are in civil relations with the Company;
- individuals who are users of the store website.
3.2.4. Personal data processed by the Operator:
- data obtained in the implementation of labor relations;
- data obtained for the selection of candidates for the job;
- data obtained in the implementation of civil law relations;
- data received from users of the store website.
3.2.5. Processing of personal data is carried out:
- using automation tools;
- without the use of automation.
3.3. Storage of personal data.
3.3.1. Subjects ' personal data can be obtained, to be further processed and transmitted to storage on paper and electronically.
3.3.2. Personal data recorded on paper are stored in locked cabinets or in locked rooms with limited access rights.
3.3.3. Personal data of subjects processed using automation tools for different purposes are stored in different folders.
3.3.4. It is not allowed to store and place documents containing personal data in open electronic directories (file sharing) in ISPD.
3.3.5. The storage of personal data in a form that allows to identify the subject of personal data is carried out no longer than the purposes of their processing require, and they are subject to destruction upon achievement of the purposes of processing or in case of loss of the need to achieve them.
3.4. Destruction of personal data.
3.4.1. Destruction of documents (carriers) containing personal data is carried out by burning, crushing (grinding), chemical decomposition, transformation into a formless mass or powder. For destruction of paper documents use of the shredder is allowed.
3.4.2. Personal data on electronic media is destroyed by erasing or formatting the media.
3.4.3. The fact of destruction of personal data is documented by the act of destruction of carriers.
3.5. Transfer of personal data.
3.5.1. The operator transfers personal data to third parties in the following cases:
- the subject consented to such actions – ;
- the transfer is provided for by Russian or other applicable law within the procedure established by law.
3.5.2. List of persons to whom personal data is transferred.
- Pension Fund of the Russian Federation for accounting (legally);
- tax authorities of the Russian Federation (legally);
- Social insurance Fund of the Russian Federation (legally);
- territorial compulsory health insurance Fund (legally);
- insurance medical organizations for compulsory and voluntary health insurance (legally);
- banks for payroll (on the basis of the contract);
- bodies of the Ministry of internal Affairs of Russia in the cases established by the legislation;
- impersonal personal data Of the users of the website of the online store are transferred to the contractors of the Store.
 
4. Personal data protection
4.1. In accordance with the requirements of regulatory documents, the Operator has created a system of personal data protection (SZPD), consisting of subsystems of legal, organizational and technical protection.
4.2. The subsystem of legal protection is a set of legal, organizational, administrative and regulatory documents that ensure the creation, operation and improvement of the FDD.
4.3. The subsystem of organizational protection includes the organization of the management structure of the SZPD, the licensing system, the protection of information when working with employees, partners and third parties.
4.4. The subsystem of technical protection includes a set of technical, software, software and hardware that provide protection of personal data.
4.4. The main measures of personal data protection used by the Operator are:
4.5.1. Appointment of a person responsible for the processing of personal data, which carries out the organization of personal data processing, training and instruction, internal control over compliance with the requirements for the protection of personal data by the institution and its employees.
4.5.2. Identification of actual threats to the security of personal data during their processing in the ISPD and development of measures and measures for the protection of personal data.
4.5.3. Development of a policy for the processing of personal data.
4.5.4. Establishing rules of access to personal data processed in the ISPD, as well as ensuring the registration and accounting of all actions taken with personal data in the ISPD.
4.5.5. Setting individual passwords for employees ' access to the information system in accordance with their work responsibilities.
4.5.6. The use of the past in the prescribed manner and procedure of conformity assessment of information security tools.
4.5.7. Certified antivirus software with regularly updated databases.
4.5.8. Compliance with the conditions ensuring the safety of personal data and excluding unauthorized access to them.
4.5.9. Detection of unauthorized access to personal data and taking measures.
4.5.10. Recovery of personal data modified or destroyed as a result of unauthorized access to them.
4.5.11. Training of the Operator's employees directly engaged in the processing of personal data, the provisions of the legislation of the Russian Federation on personal data, including the requirements for the protection of personal data, documents defining the Operator's policy regarding the processing of personal data, local acts on the processing of personal data.
4.5.12. Implementation of internal control and audit.
 
5. Basic rights of the personal data subject and obligations of the Operator
5.1. Basic rights of the personal data subject.
The subject has the right to access his / her personal data and the following information:
- confirmation of the fact of personal data processing by the Operator;
- legal grounds and purposes of personal data processing;
- purposes and methods of personal data processing used by the Operator;
- the name and location of the Operator, information about persons (except employees of the Operator) who have access to personal data or who may be disclosed personal data on the basis of an agreement with the Operator or on the basis of Federal law;
- terms of processing of personal data, including the terms of their storage;
- the order of implementation by the subject of personal data of the rights provided by the Federal law;
- name or surname, name, patronymic and address of the person processing personal data on behalf of the Operator, if the processing is or will be entrusted to such person;
- appeal to the Operator and sending him requests;
- appeal against actions or omissions of the Operator.
5.2. Responsibilities Of The Operator.
The operator is obliged:
- when collecting personal data, provide information on the processing of personal data;
- if personal data were not received from the subject of personal data, notify the subject;
- in case of refusal to provide personal data to the subject, the consequences of such refusal are explained;
- publish or otherwise provide unrestricted access to the document defining its policy regarding the processing of personal data, to information on the requirements for the protection of personal data;
- take the necessary legal, organizational and technical measures or ensure their adoption to protect personal data from unauthorized or accidental access to them, destruction, modification, blocking, copying, provision, distribution of personal data, as well as other illegal actions in relation to personal data;
- respond to requests and appeals of personal data subjects, their representatives and the authorized body for the protection of the rights of personal data subjects.