Privacy Policy
Personal Data Processing Policy
1. General Provisions
This Personal Data Processing Policy is drawn up in accordance with the requirements of Federal Law No. 152-FZ dated July 27, 2006, "On Personal Data," in its current version (hereinafter referred to as the "Personal Data Law"), as well as other regulatory legal acts of the Russian Federation concerning personal data processing and protection. This Policy defines the procedures for processing personal data and the security measures implemented by LLC SP "RUSKOR" (hereinafter referred to as the "Operator").
1.1. The Operator considers the observance of human and civil rights and freedoms during the processing of personal data—particularly the right to privacy, personal and family secrecy—as its foremost objective and essential condition for carrying out its activities.
1.2. This Operator’s Policy regarding personal data processing (hereinafter referred to as the "Policy") applies to all information the Operator may obtain about visitors to the website https://sproskor.ru/.
1.3. This Policy takes into account the types of activities carried out by the Operator, including those under the following OKVED codes:
25.11;
16.23;
28.93;
33.12;
33.20;
43.21;
43.29;
46.63;
46.69;
46.76;
47.52;
47.52.7;
47.52.79;
77.32.
1.4. Contact details of the person responsible for personal data processing:
Ivan Andreevich Mikulenko
Email: info@sproskor.ru
Phone: +7 (800) 234-22-98
Mailing address: 692770, Primorsky Krai, Artyom City, Zavodskoy Lane, 13, Office 1.
2. Key Terms Used in the Policy
2.1. Automated personal data processing — personal data processing using computing equipment.
2.2. Blocking of personal data — temporary suspension of personal data processing (except where processing is necessary to clarify personal data).
2.3. Website — a combination of graphic and informational materials, along with computer programs and databases that ensure accessibility on the internet at https://sproskor.ru.
2.4. Personal data information system — a set of personal data contained in databases and the information technologies and technical means used to process them.
2.5. Depersonalization of personal data — actions as a result of which personal data cannot be attributed to a specific User or other data subject without additional information.
2.6. Personal data processing — any action (operation) or set of actions (operations) performed with or without automation tools involving personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, modification), retrieval, usage, transmission (distribution, provision, access), depersonalization, blocking, deletion, or destruction of personal data.
2.7. Operator — a state or municipal body, legal entity, or individual who independently or jointly with others organizes and/or carries out personal data processing and defines the purposes, scope, and actions performed with personal data.
2.8. Personal data — any information relating directly or indirectly to a specific or identifiable User of the website https://sproskor.ru/.
2.9. Personal data authorized by the data subject for dissemination — personal data for which the data subject has granted consent for unrestricted access by providing consent for dissemination in the manner stipulated by the Personal Data Law (hereinafter referred to as "personal data authorized for dissemination").
2.10. User — any visitor to the website https://sproskor.ru/.
2.11. Provision of personal data — actions aimed at disclosing personal data to a specific person or group of persons.
2.12. Dissemination of personal data — any actions aimed at disclosing personal data to an undefined group of persons (transmission) or making them accessible to an unlimited number of persons, including publication in mass media, placement in information and telecommunication networks, or providing access by any other means.
2.13. Cross-border transfer of personal data — transfer of personal data to a foreign state's authority, foreign individual, or foreign legal entity.
2.14. Destruction of personal data — any actions resulting in the irreversible destruction of personal data, making further restoration from the personal data information system impossible, and/or the physical destruction of personal data storage media.
3. Main Rights and Obligations of the Operator
3.1. The Operator has the right to:
— Obtain accurate information and/or documents containing personal data from the data subject;
— Continue processing personal data without the data subject’s consent if grounds exist as specified in the Personal Data Law, even after the data subject withdraws consent or submits a request to cease processing;
— Independently determine the scope and list of measures necessary and sufficient to fulfill obligations under the Personal Data Law and related regulations, unless otherwise provided by law.
3.2. The Operator is obliged to:
— Provide the data subject, upon request, with information regarding the processing of their personal data;
— Organize personal data processing in compliance with the current legislation of the Russian Federation;
— Respond to requests and inquiries from data subjects or their legal representatives according to the Personal Data Law;
— Provide the authorized data protection authority with necessary information within 10 days of receiving such a request;
— Publish or otherwise ensure unrestricted public access to this Policy;
— Implement legal, organizational, and technical measures to protect personal data against unauthorized or accidental access, destruction, alteration, blocking, copying, disclosure, dissemination, or other unlawful actions;
— Cease transmission (dissemination, provision, access), processing, and destroy personal data as stipulated by the Personal Data Law;
— Fulfill other obligations as required by the Personal Data Law.
4. Main Rights and Obligations of Data Subjects
4.1. Data subjects have the right to:
— Receive information about the processing of their personal data, except where restricted by federal laws. Information is provided in an accessible form and must not contain other individuals’ personal data unless legally permitted;
— Request correction, blocking, or destruction of their personal data if such data is incomplete, outdated, inaccurate, unlawfully obtained, or unnecessary for the stated processing purpose, and take lawful measures to protect their rights;
— Require prior consent for personal data processing for direct marketing purposes;
— Withdraw consent for personal data processing and request cessation of processing;
— File a complaint with the authorized data protection body or a court against unlawful actions or omissions by the Operator;
— Exercise other rights as provided by Russian legislation.
4.2. Data subjects must:
— Provide the Operator with accurate information about themselves;
— Notify the Operator about any updates (corrections or changes) to their personal data.
4.3. Individuals who provide the Operator with false information about themselves or another data subject without that subject’s consent shall be held liable under Russian law.
4.4. Response timeframe to data subject requests
The Operator acknowledges receipt of a data subject’s request within 10 (ten) calendar days and provides a full response no later than 30 (thirty) calendar days from receipt of the request.
5. Principles of Personal Data Processing
5.1. Personal data is processed lawfully and fairly.
5.2. Processing is limited to specific, predetermined, and lawful purposes. Processing incompatible with the original collection purpose is prohibited.
5.3. Databases containing personal data processed for incompatible purposes must not be merged.
5.4. Only personal data relevant to the processing purposes is processed.
5.5. The content and volume of processed personal data correspond to the stated purposes. Excessive processing is prohibited.
5.6. Personal data accuracy, sufficiency, and, where necessary, relevance to processing purposes are ensured. The Operator takes necessary measures to correct or remove incomplete or inaccurate data.
5.7. Personal data is stored in a form that allows identification of the data subject only as long as necessary for processing purposes, unless a longer retention period is required by federal law, contract (where the data subject is a party, beneficiary, or guarantor). Upon achieving processing purposes or when such purposes are no longer relevant, personal data is destroyed or depersonalized, unless otherwise required by law.
6. Purposes of Personal Data Processing
6.1. Processing purposes include:
– Informing Users via email;
– Concluding and executing sales and service agreements;
– Organizing product delivery;
– Providing technical support;
– Conducting statistics and analytics;
– Handling incoming inquiries and communicating with Users via their preferred channels (phone, email, or messenger);
– Sending marketing communications with the User’s consent.
6.2. Personal data processed includes:
– Full name (first name, patronymic, surname);
– Email address;
– Phone numbers;
– Delivery address (postal code, region, city, street, building, apartment) when placing an order, as well as payment details necessary to fulfill contractual obligations.
6.3. Legal grounds for processing include Federal Law No. 152-FZ “On Personal Data” (as amended), Federal Law No. 149-FZ “On Information, Information Technologies and Data Protection,” and other applicable Russian regulations, including Federal Law No. 38-FZ “On Advertising.”
6.4. Types of personal data processing:
Collection, recording, systematization, accumulation, storage, destruction, and depersonalization.
7. Conditions for Personal Data Processing
7.1. Processing occurs with the data subject’s consent.
7.2. Processing is necessary to fulfill international treaties or Russian federal laws, or to carry out the Operator’s legally assigned duties.
7.3. Processing is necessary for judicial proceedings, enforcement of court decisions, or other legally binding acts.
7.4. Processing is necessary to execute a contract to which the data subject is a party, beneficiary, or guarantor, or to conclude a contract at the data subject’s initiative.
7.5. Processing is necessary to pursue legitimate interests of the Operator or third parties or achieve public-benefit objectives, provided the data subject’s rights are not violated.
7.6. Processing concerns personal data made publicly available by the data subject or at their request ("publicly available personal data").
7.7. Processing involves personal data required by federal law to be published or disclosed.
7.8. Website Users consent to personal data processing in the following cases:
– Registering a personal account on the Website;
– Logging in via social networks;
– Filling out a contact form or requesting a callback;
– Subscribing to newsletters;
– Submitting reviews;
– Concluding contracts.
7.9. Messengers (WhatsApp, Telegram) listed on the Website are used exclusively as communication channels and do not involve collection or processing of personal data.
7.10. The Website may contain links to external data storage services (e.g., Google Drive, Yandex.Disk). These services do not participate in personal data processing through the Website, and their owners bear full responsibility for data handling on their platforms.
7.11. Notification to Roskomnadzor in case of a personal data breach
Upon detecting unauthorized access to personal data, the Operator sends an initial notification to Roskomnadzor within 24 hours and a detailed report within 72 hours, including information on measures taken, incident scope, and suspected causes. The responsible contact is listed in Clause 1.4.
8. Procedures for Collection, Storage, Transmission, and Other Processing of Personal Data
The Operator ensures the security of processed personal data through legal, organizational, and technical measures compliant with Russian data protection legislation.
8.1. The Operator safeguards personal data and takes all possible steps to prevent unauthorized access.
8.2. Users’ personal data is never disclosed to third parties except as required by law or with the data subject’s consent for fulfilling civil-law obligations.
8.3. If personal data is inaccurate, Users may update it by emailing the Operator at info@sproskor.ru with the subject line “Personal Data Update.”
8.4. Personal data is processed until the purpose is achieved, unless a different term is set by contract or law. Users may withdraw consent at any time by emailing info@sproskor.ru with the subject line “Withdrawal of Consent for Personal Data Processing.”
8.5. Information collected by third-party services (e.g., payment systems, communication platforms) is stored and processed according to their respective Terms of Use and Privacy Policies. The Operator is not liable for third-party actions.
8.6. Restrictions set by the data subject on transfer (except access provision) or processing conditions do not apply when processing serves state, public, or other legally recognized public interests.
8.7. The Operator ensures confidentiality of personal data.
8.8. Personal data is stored only as long as necessary for processing purposes unless retention is required by law or contract.
8.9. Processing ceases upon achievement of purposes, expiration or withdrawal of consent, request to cease processing, or detection of unlawful processing.
8.10. Localization of personal data storage within the Russian Federation
In compliance with Article 18, Part 5 of Federal Law No. 152-FZ, the Operator ensures that initial recording, storage, and updating of Russian citizens’ personal data occur exclusively on servers physically located in the Russian Federation. Cross-border transfer is permitted only after local recording and technical depersonalization.
9. List of Actions Performed by the Operator with Personal Data
9.1. The Operator performs collection, recording, systematization, accumulation, storage, clarification (updating/modification), retrieval, usage, transmission (distribution/provision/access), depersonalization, blocking, deletion, and destruction of personal data.
9.2. Automated processing may involve transmission via information and telecommunication networks or occur offline.
9.3. Personal data destruction procedure
Within 30 calendar days of achieving processing purposes or upon lawful grounds for deletion, the Operator destroys personal data as follows: (a) prepares a destruction report; (b) removes data from information systems; (c) physically destroys paper media; (d) the destruction report is signed by a commission of two authorized employees.
10. Cross-Border Transfer of Personal Data
10.1. Prior to initiating cross-border transfer, the Operator must notify the authorized data protection authority of its intent (separate from the general processing notification).
10.2. Before submitting such notification, the Operator must obtain relevant information from the foreign authority, individual, or legal entity receiving the data.
11. Confidentiality of Personal Data
The Operator and any other parties with access to personal data must not disclose or disseminate such data to third parties without the data subject’s consent, unless required by federal law.
12. Final Provisions
12.1. Users may request clarifications regarding personal data processing by contacting the Operator at info@sproskor.ru.
12.2. This document will reflect any changes to the Operator’s personal data processing policy. The Policy remains in effect indefinitely until superseded by a new version.
12.3. The current version of the Policy is publicly available at https://sproskor.ru//privacy.
1. General Provisions
This Personal Data Processing Policy is drawn up in accordance with the requirements of Federal Law No. 152-FZ dated July 27, 2006, "On Personal Data," in its current version (hereinafter referred to as the "Personal Data Law"), as well as other regulatory legal acts of the Russian Federation concerning personal data processing and protection. This Policy defines the procedures for processing personal data and the security measures implemented by LLC SP "RUSKOR" (hereinafter referred to as the "Operator").
1.1. The Operator considers the observance of human and civil rights and freedoms during the processing of personal data—particularly the right to privacy, personal and family secrecy—as its foremost objective and essential condition for carrying out its activities.
1.2. This Operator’s Policy regarding personal data processing (hereinafter referred to as the "Policy") applies to all information the Operator may obtain about visitors to the website https://sproskor.ru/.
1.3. This Policy takes into account the types of activities carried out by the Operator, including those under the following OKVED codes:
25.11;
16.23;
28.93;
33.12;
33.20;
43.21;
43.29;
46.63;
46.69;
46.76;
47.52;
47.52.7;
47.52.79;
77.32.
1.4. Contact details of the person responsible for personal data processing:
Ivan Andreevich Mikulenko
Email: info@sproskor.ru
Phone: +7 (800) 234-22-98
Mailing address: 692770, Primorsky Krai, Artyom City, Zavodskoy Lane, 13, Office 1.
2. Key Terms Used in the Policy
2.1. Automated personal data processing — personal data processing using computing equipment.
2.2. Blocking of personal data — temporary suspension of personal data processing (except where processing is necessary to clarify personal data).
2.3. Website — a combination of graphic and informational materials, along with computer programs and databases that ensure accessibility on the internet at https://sproskor.ru.
2.4. Personal data information system — a set of personal data contained in databases and the information technologies and technical means used to process them.
2.5. Depersonalization of personal data — actions as a result of which personal data cannot be attributed to a specific User or other data subject without additional information.
2.6. Personal data processing — any action (operation) or set of actions (operations) performed with or without automation tools involving personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, modification), retrieval, usage, transmission (distribution, provision, access), depersonalization, blocking, deletion, or destruction of personal data.
2.7. Operator — a state or municipal body, legal entity, or individual who independently or jointly with others organizes and/or carries out personal data processing and defines the purposes, scope, and actions performed with personal data.
2.8. Personal data — any information relating directly or indirectly to a specific or identifiable User of the website https://sproskor.ru/.
2.9. Personal data authorized by the data subject for dissemination — personal data for which the data subject has granted consent for unrestricted access by providing consent for dissemination in the manner stipulated by the Personal Data Law (hereinafter referred to as "personal data authorized for dissemination").
2.10. User — any visitor to the website https://sproskor.ru/.
2.11. Provision of personal data — actions aimed at disclosing personal data to a specific person or group of persons.
2.12. Dissemination of personal data — any actions aimed at disclosing personal data to an undefined group of persons (transmission) or making them accessible to an unlimited number of persons, including publication in mass media, placement in information and telecommunication networks, or providing access by any other means.
2.13. Cross-border transfer of personal data — transfer of personal data to a foreign state's authority, foreign individual, or foreign legal entity.
2.14. Destruction of personal data — any actions resulting in the irreversible destruction of personal data, making further restoration from the personal data information system impossible, and/or the physical destruction of personal data storage media.
3. Main Rights and Obligations of the Operator
3.1. The Operator has the right to:
— Obtain accurate information and/or documents containing personal data from the data subject;
— Continue processing personal data without the data subject’s consent if grounds exist as specified in the Personal Data Law, even after the data subject withdraws consent or submits a request to cease processing;
— Independently determine the scope and list of measures necessary and sufficient to fulfill obligations under the Personal Data Law and related regulations, unless otherwise provided by law.
3.2. The Operator is obliged to:
— Provide the data subject, upon request, with information regarding the processing of their personal data;
— Organize personal data processing in compliance with the current legislation of the Russian Federation;
— Respond to requests and inquiries from data subjects or their legal representatives according to the Personal Data Law;
— Provide the authorized data protection authority with necessary information within 10 days of receiving such a request;
— Publish or otherwise ensure unrestricted public access to this Policy;
— Implement legal, organizational, and technical measures to protect personal data against unauthorized or accidental access, destruction, alteration, blocking, copying, disclosure, dissemination, or other unlawful actions;
— Cease transmission (dissemination, provision, access), processing, and destroy personal data as stipulated by the Personal Data Law;
— Fulfill other obligations as required by the Personal Data Law.
4. Main Rights and Obligations of Data Subjects
4.1. Data subjects have the right to:
— Receive information about the processing of their personal data, except where restricted by federal laws. Information is provided in an accessible form and must not contain other individuals’ personal data unless legally permitted;
— Request correction, blocking, or destruction of their personal data if such data is incomplete, outdated, inaccurate, unlawfully obtained, or unnecessary for the stated processing purpose, and take lawful measures to protect their rights;
— Require prior consent for personal data processing for direct marketing purposes;
— Withdraw consent for personal data processing and request cessation of processing;
— File a complaint with the authorized data protection body or a court against unlawful actions or omissions by the Operator;
— Exercise other rights as provided by Russian legislation.
4.2. Data subjects must:
— Provide the Operator with accurate information about themselves;
— Notify the Operator about any updates (corrections or changes) to their personal data.
4.3. Individuals who provide the Operator with false information about themselves or another data subject without that subject’s consent shall be held liable under Russian law.
4.4. Response timeframe to data subject requests
The Operator acknowledges receipt of a data subject’s request within 10 (ten) calendar days and provides a full response no later than 30 (thirty) calendar days from receipt of the request.
5. Principles of Personal Data Processing
5.1. Personal data is processed lawfully and fairly.
5.2. Processing is limited to specific, predetermined, and lawful purposes. Processing incompatible with the original collection purpose is prohibited.
5.3. Databases containing personal data processed for incompatible purposes must not be merged.
5.4. Only personal data relevant to the processing purposes is processed.
5.5. The content and volume of processed personal data correspond to the stated purposes. Excessive processing is prohibited.
5.6. Personal data accuracy, sufficiency, and, where necessary, relevance to processing purposes are ensured. The Operator takes necessary measures to correct or remove incomplete or inaccurate data.
5.7. Personal data is stored in a form that allows identification of the data subject only as long as necessary for processing purposes, unless a longer retention period is required by federal law, contract (where the data subject is a party, beneficiary, or guarantor). Upon achieving processing purposes or when such purposes are no longer relevant, personal data is destroyed or depersonalized, unless otherwise required by law.
6. Purposes of Personal Data Processing
6.1. Processing purposes include:
– Informing Users via email;
– Concluding and executing sales and service agreements;
– Organizing product delivery;
– Providing technical support;
– Conducting statistics and analytics;
– Handling incoming inquiries and communicating with Users via their preferred channels (phone, email, or messenger);
– Sending marketing communications with the User’s consent.
6.2. Personal data processed includes:
– Full name (first name, patronymic, surname);
– Email address;
– Phone numbers;
– Delivery address (postal code, region, city, street, building, apartment) when placing an order, as well as payment details necessary to fulfill contractual obligations.
6.3. Legal grounds for processing include Federal Law No. 152-FZ “On Personal Data” (as amended), Federal Law No. 149-FZ “On Information, Information Technologies and Data Protection,” and other applicable Russian regulations, including Federal Law No. 38-FZ “On Advertising.”
6.4. Types of personal data processing:
Collection, recording, systematization, accumulation, storage, destruction, and depersonalization.
7. Conditions for Personal Data Processing
7.1. Processing occurs with the data subject’s consent.
7.2. Processing is necessary to fulfill international treaties or Russian federal laws, or to carry out the Operator’s legally assigned duties.
7.3. Processing is necessary for judicial proceedings, enforcement of court decisions, or other legally binding acts.
7.4. Processing is necessary to execute a contract to which the data subject is a party, beneficiary, or guarantor, or to conclude a contract at the data subject’s initiative.
7.5. Processing is necessary to pursue legitimate interests of the Operator or third parties or achieve public-benefit objectives, provided the data subject’s rights are not violated.
7.6. Processing concerns personal data made publicly available by the data subject or at their request ("publicly available personal data").
7.7. Processing involves personal data required by federal law to be published or disclosed.
7.8. Website Users consent to personal data processing in the following cases:
– Registering a personal account on the Website;
– Logging in via social networks;
– Filling out a contact form or requesting a callback;
– Subscribing to newsletters;
– Submitting reviews;
– Concluding contracts.
7.9. Messengers (WhatsApp, Telegram) listed on the Website are used exclusively as communication channels and do not involve collection or processing of personal data.
7.10. The Website may contain links to external data storage services (e.g., Google Drive, Yandex.Disk). These services do not participate in personal data processing through the Website, and their owners bear full responsibility for data handling on their platforms.
7.11. Notification to Roskomnadzor in case of a personal data breach
Upon detecting unauthorized access to personal data, the Operator sends an initial notification to Roskomnadzor within 24 hours and a detailed report within 72 hours, including information on measures taken, incident scope, and suspected causes. The responsible contact is listed in Clause 1.4.
8. Procedures for Collection, Storage, Transmission, and Other Processing of Personal Data
The Operator ensures the security of processed personal data through legal, organizational, and technical measures compliant with Russian data protection legislation.
8.1. The Operator safeguards personal data and takes all possible steps to prevent unauthorized access.
8.2. Users’ personal data is never disclosed to third parties except as required by law or with the data subject’s consent for fulfilling civil-law obligations.
8.3. If personal data is inaccurate, Users may update it by emailing the Operator at info@sproskor.ru with the subject line “Personal Data Update.”
8.4. Personal data is processed until the purpose is achieved, unless a different term is set by contract or law. Users may withdraw consent at any time by emailing info@sproskor.ru with the subject line “Withdrawal of Consent for Personal Data Processing.”
8.5. Information collected by third-party services (e.g., payment systems, communication platforms) is stored and processed according to their respective Terms of Use and Privacy Policies. The Operator is not liable for third-party actions.
8.6. Restrictions set by the data subject on transfer (except access provision) or processing conditions do not apply when processing serves state, public, or other legally recognized public interests.
8.7. The Operator ensures confidentiality of personal data.
8.8. Personal data is stored only as long as necessary for processing purposes unless retention is required by law or contract.
8.9. Processing ceases upon achievement of purposes, expiration or withdrawal of consent, request to cease processing, or detection of unlawful processing.
8.10. Localization of personal data storage within the Russian Federation
In compliance with Article 18, Part 5 of Federal Law No. 152-FZ, the Operator ensures that initial recording, storage, and updating of Russian citizens’ personal data occur exclusively on servers physically located in the Russian Federation. Cross-border transfer is permitted only after local recording and technical depersonalization.
9. List of Actions Performed by the Operator with Personal Data
9.1. The Operator performs collection, recording, systematization, accumulation, storage, clarification (updating/modification), retrieval, usage, transmission (distribution/provision/access), depersonalization, blocking, deletion, and destruction of personal data.
9.2. Automated processing may involve transmission via information and telecommunication networks or occur offline.
9.3. Personal data destruction procedure
Within 30 calendar days of achieving processing purposes or upon lawful grounds for deletion, the Operator destroys personal data as follows: (a) prepares a destruction report; (b) removes data from information systems; (c) physically destroys paper media; (d) the destruction report is signed by a commission of two authorized employees.
10. Cross-Border Transfer of Personal Data
10.1. Prior to initiating cross-border transfer, the Operator must notify the authorized data protection authority of its intent (separate from the general processing notification).
10.2. Before submitting such notification, the Operator must obtain relevant information from the foreign authority, individual, or legal entity receiving the data.
11. Confidentiality of Personal Data
The Operator and any other parties with access to personal data must not disclose or disseminate such data to third parties without the data subject’s consent, unless required by federal law.
12. Final Provisions
12.1. Users may request clarifications regarding personal data processing by contacting the Operator at info@sproskor.ru.
12.2. This document will reflect any changes to the Operator’s personal data processing policy. The Policy remains in effect indefinitely until superseded by a new version.
12.3. The current version of the Policy is publicly available at https://sproskor.ru//privacy.
Ask a question