Personal Data Processing Policy1. General ProvisionsThis personal data processing policy has been prepared in accordance with the requirements of the Federal Law of 27.07.2006 No. 152-FZ “On Personal Data” (hereinafter referred to as the Personal Data Law) and defines the procedure for processing personal data and measures to ensure the security of personal data implemented by Aleksandra Andreevna Borisova (hereinafter referred to as the Operator).1.1. The Operator considers the observance of human and civil rights and freedoms in the processing of personal data, including the protection of the right to privacy, personal and family secrecy, as its most important goal and condition for conducting its activities.1.2. This Operator’s personal data processing policy (hereinafter referred to as the Policy) applies to all information that the Operator may receive about visitors of the website https://thematch-event.com.2. Key Concepts Used in the Policy2.1. Automated processing of personal data — processing of personal data using computing equipment.2.2. Blocking of personal data — temporary cessation of personal data processing (except when processing is necessary to clarify personal data).2.3. Website — a set of graphic and informational materials, as well as software and databases ensuring their availability on the Internet at the network address https://thematch-event.com.2.4. Personal data information system — a set of personal data contained in databases and the information technologies and technical means ensuring their processing.2.5. Anonymization of personal data — actions resulting in the impossibility of determining, without additional information, the belonging of personal data to a specific User or other personal data subject.2.6. Processing of personal data — any action (operation) or a set of actions (operations) performed with or without the use of automation tools with personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, modification), extraction, use, transfer (distribution, provision, access), anonymization, blocking, deletion, destruction of personal data.2.7. Operator — a state body, municipal body, legal or natural person independently or jointly with others organizing and/or performing personal data processing, as well as determining the purposes of personal data processing, the composition of personal data subject to processing, and actions (operations) performed with personal data.2.8. Personal data — any information directly or indirectly relating to a specific or identifiable User of the website https://thematch-event.com.2.9. Personal data permitted by the personal data subject for dissemination — personal data to which unrestricted access has been granted by the subject of personal data by giving consent to the processing of personal data permitted by the personal data subject for dissemination in accordance with the Personal Data Law (hereinafter referred to as personal data permitted for dissemination).2.10. User — any visitor of the website https://thematch-event.com.2.11. Provision of personal data — actions aimed at disclosing personal data to a specific person or a specific group of persons.2.12. Dissemination of personal data — any actions aimed at disclosing personal data to an indefinite number of persons (transfer of personal data) or at familiarizing an unlimited number of persons with personal data, including publication in the media, placement in information and telecommunications networks, or providing access to personal data by any other means.2.13. Cross-border transfer of personal data — transfer of personal data to the territory of a foreign state to a government authority of a foreign state, foreign natural person, or foreign legal entity.2.14. Destruction of personal data — any actions as a result of which personal data is irrevocably destroyed with no possibility of further restoration of the contents of personal data in the personal data information system and/or physical media containing personal data are destroyed.3. Key Rights and Obligations of the Operator3.1. The Operator has the right to:— receive from the personal data subject reliable information and/or documents containing personal data;— in case of withdrawal by the personal data subject of consent to the processing of personal data, as well as submission of a request to terminate personal data processing, continue processing personal data without the subject’s consent if there are grounds specified in the Personal Data Law;— independently determine the composition and list of measures necessary and sufficient to ensure compliance with the obligations provided for by the Personal Data Law and the regulations adopted in accordance with it, unless otherwise provided by the Personal Data Law or other federal laws.3.2. The Operator is obliged to:— provide the personal data subject, upon request, with information regarding the processing of their personal data;— organize the processing of personal data in accordance with the procedure established by the current legislation of the Russian Federation;— respond to requests and inquiries of personal data subjects and their legal representatives in accordance with the Personal Data Law;— provide the authorized personal data protection authority with necessary information upon its request within 10 days of receiving such request;— publish or otherwise ensure unrestricted access to this Policy on personal data processing;— take legal, organizational, and technical measures to protect personal data from unauthorized or accidental access, destruction, modification, blocking, copying, provision, dissemination, and other unlawful actions;— cease the transfer (dissemination, provision, access) of personal data, cease processing, and destroy personal data in the manner and cases provided by the Personal Data Law;— fulfill other obligations provided by the Personal Data Law.4. Key Rights and Obligations of Personal Data Subjects4.1. Personal data subjects have the right to:— receive information regarding the processing of their personal data, except as provided by federal laws. Information is provided to the personal data subject in an accessible form and should not contain personal data relating to other subjects, unless there are legal grounds for disclosure;— require the operator to clarify their personal data, block or destroy it if personal data is incomplete, outdated, inaccurate, illegally obtained, or not necessary for the declared purpose of processing, and take legal measures to protect their rights;— impose a condition of prior consent for processing personal data for marketing purposes;— withdraw consent to personal data processing and submit a request to terminate processing;— appeal to the authorized personal data protection authority or in court against unlawful actions or inaction of the Operator;— exercise other rights provided by the legislation of the Russian Federation.4.2. Personal data subjects are obliged to:— provide the Operator with reliable information about themselves;— notify the Operator of any clarification (update, change) of their personal data.4.3. Persons who provide the Operator with unreliable information about themselves, or information about another personal data subject without consent, bear responsibility in accordance with the legislation of the Russian Federation.5. Principles of Personal Data Processing5.1. Personal data processing is carried out on a legal and fair basis.5.2. Personal data processing is limited to achieving specific, predetermined, and lawful purposes. Processing inconsistent with the purposes of data collection is not allowed.5.3. Merging databases containing personal data processed for incompatible purposes is not allowed.5.4. Only personal data corresponding to the purposes of processing is subject to processing.5.5. The content and volume of processed personal data correspond to the stated purposes. Excessive processing relative to the declared purposes is not allowed.5.6. Accuracy, sufficiency, and, where necessary, relevance of personal data is ensured. The Operator takes measures to remove or clarify incomplete or inaccurate data.5.7. Personal data is stored in a form that allows identification of the subject for no longer than required for the processing purposes, unless otherwise stipulated by federal law or contract. Personal data is destroyed or anonymized once processing purposes are achieved or are no longer necessary.6. Purposes of Personal Data ProcessingPurpose of processing: informing the User via emailPersonal data: surname, first name, patronymic, phone numbersLegal basis: Federal Law “On Information, Information Technologies, and Information Protection” of 27.07.2006 No. 149-FZType of processing: sending informational emails7. Conditions for Personal Data Processing7.1. Processing is carried out with the consent of the personal data subject.7.2. Processing is necessary to achieve purposes provided by an international treaty of the Russian Federation or law, or to perform functions, powers, and duties assigned by Russian law.7.3. Processing is necessary for justice, enforcement of a court decision, or other legal acts under Russian law.7.4. Processing is necessary for execution or conclusion of contracts involving the personal data subject.7.5. Processing is necessary to exercise the rights and legitimate interests of the Operator or third parties or to achieve public purposes, provided it does not violate the rights and freedoms of the personal data subject.7.6. Processing of publicly available personal data is allowed.7.7. Processing required for publication or mandatory disclosure under federal law is allowed.8. Procedure for Collection, Storage, Transfer, and Other ProcessingThe Operator ensures security of personal data by implementing legal, organizational, and technical measures.8.1. The Operator ensures the safety of personal data and prevents unauthorized access.8.2. Personal data will not be transferred to third parties except as required by law or with the subject’s consent.8.3. Users may update their data by sending an email to hello@thematchevent.com marked “Personal Data Update.”8.4. The processing period is determined by achieving the processing purposes. Users may withdraw consent at any time by sending an email marked “Withdrawal of Consent to Personal Data Processing.”8.5. Information collected by third-party services is processed according to their own privacy policies; the Operator is not responsible for third-party actions.8.6. Restrictions set by the data subject do not apply in cases of public interest as defined by Russian law.8.7. The Operator ensures confidentiality of personal data.8.8. Personal data is stored only as long as necessary for processing purposes.8.9. Processing may be terminated upon achieving purposes, expiration of consent, withdrawal of consent, request for termination, or detection of unlawful processing.9. Actions Performed by the Operator with Personal Data9.1. The Operator collects, records, systematizes, accumulates, stores, updates, retrieves, uses, transfers, anonymizes, blocks, deletes, and destroys personal data.9.2. Automated processing is carried out with or without transmission over information and telecommunications networks.10. Cross-Border Transfer of Personal Data10.1. The Operator must notify the authorized personal data protection authority before cross-border transfer.10.2. The Operator must obtain necessary information from foreign authorities or recipients before transfer.11. Confidentiality of Personal DataThe Operator and other persons with access to personal data must not disclose or distribute personal data without consent unless required by law.12. Final Provisions12.1. Users may request clarification via email hello@thematchevent.com.12.2. Any changes to the Policy will be reflected in this document. The Policy remains in effect until replaced.12.3. The current version of the Policy is available at https://thematch-event.com/privacypolicy.