RUS

Privacy Policy

  1. INTRODUCTION
    1. This document defines the privacy policy of the BIR LLC (hereinafter referred to as Site Administration) applies to any information which the Site Administration may obtain about the User while he or she uses the site (hereinafter referred to as Site), services and products provided by the Site Administration under any agreements or contracts with the User. By signing up at the Site the User gives his or her unconditional consent with this Policy and its terms. Unless the User agree with these terms he or she must refrain from using the Services.
    2. This Policy complies with applicable personal data laws of the Russian Federation.This Policy applies to any data processing procedures, i.e. data collection, capture, organizing, accumulation, storage, updating, extraction, usage, transferring (distribution, delivering, accessing), anonymising, blocking, removing or destroying, performed either with or without any automation tools.
  2. USERS PERSONAL DATA
    1. In this Policy, "personal data" of a User means
      1. Data provided by the User when he or she submits an application, responds to a job announcement, subscribes to a mailing list or uses the Site, including personal data of the User.
      2. Data which is automatically sent to the Site Administration by the software installed on the User's device when the User uses the Site, such as IP address, cookie data, details of the User's browser (or other application used to access the Services), specifications of the User's hardware and software, date and time of accessing the Services, addresses of pages viewed, etc.
      3. Other information of the User which may be processed according to the terms and conditions of services provided by the Site Administration.
    2. The Site Administration assumes that the User provides true and sufficient personal data and keeps it updated.
    3. The Site Administration shall be entitled to update this Personal Data Processing Policy. The new version of the Policy shall come into effect immediately after publication. The current revision is always available at:
  3. PURPOSE OF PERSONAL DATA PROCESSING
    1. The Site Administration only collects and keeps that personal data which is required to provide services to the User.
    2. The Site Administration processes personal data of Users for the following purposes:
      1. Identify the User.
      2. Provide the User with personalized offers and fulfill agreements and contracts.
      3. Communicate with the User, including notifications, requests and useful information, as well as process requests from the User.
      4. Improve the site and services provided by the Site Administration and develop new services.
      5. Conduct statistical and other surveys based on anonymised data.
  4. PRINCIPLES OF PERSONAL DATA PROCESSING
    • Personal data are processed based on the following principles:
    • Personal data are processed on a legal and fair basis.
    • Personal data are only processed for specific, predetermined and legal purposes. Personal data may only be processed for the purposes they were collected for.
    • Databases containing personal data which are processed for non-conforming purposes may not be merged or combined.
    • Processing may only include data required for the purpose of such processing.
    • Content and scope of personal data being processed conform with declared purposes of such processing. Personal data being processed is not superfluous with regard to declared purposes of such processing.
    • Accuracy, sufficiency and relevancy (if applicable) of processed data is ensured with regard to declared purposes of such processing.
    • Personal data is stored in such a way that the personal data subject may only be identified for as long as it is required for the purposes of personal data processing, unless the term of storage of personal data is set out in a federal law or in a contract to which the personal data subject is a party, a beneficiary or a guarantor. Personal data being processed is subject to destruction or anonymisation as soon as purposes of such processing are achieved or such purposes become irrelevant, unless specified otherwise by a federal law.
  5. TERMS OF PERSONAL DATA PROCESSING
    1. Personal data shall be processed in compliance with principles and rules set out in the Federal Law "On Personal Data". Personal data may be processed under the following conditions:
      • Personal data is processed with the consent of the subject of the personal data to such processing.
      • Processing of personal data is required for purposes of an international treaty or a law of the Russian Federation, in order to perform and fulfill functions, authorities and responsibilities imposed on the operator by laws of the Russian Federation.
      • Processing of personal data is required to administer justice, perform a court order or an order of another authority or an official, which is to be performed according to the legislation of the Russian Federation on enforcement proceedings.
      • Processing of personal data is required to fulfill an agreement to which the personal data subject is a party, a beneficiary or a guarantor, or to conclude an agreement on behalf of the subject of the personal data, or an agreement to which the personal data subject will be a beneficiary or a guarantor.
      • Processing of personal data is required to protect life, health or other vital interests of the subject of the personal data, when it is impossible to secure his or her consent.
      • Processing of personal data is required to exercise rights and lawful interests of the operator or third parties, or for purposes of public importance provided that in so doing the rights and liberties of the personal data subject are not violated.
      • Personal data is processed for statistical or other research purposes, provided that such personal data is anonymised. An exception is the processing of personal data for the purpose of promotion of products, works or services via direct contact with a potential consumer via communication channels, as well as for purposes of political campaigns.
      • Processing covers personal data which was made available to the general public by the subject of the personal data or at his request (hereinafter referred to as personal data disclosed by the subject).
      • Processing covers personal data which must be made available or disclosed according to a federal law.
    2. The Site Administration shall not process biometric personal data (physiological and biological details of a person which make it possible to identify him or her and which are used by the operator to identify the subject of the personal data).
    3. The Site Administration shall not transfer personal data across borders.
    4. Decisions which may produce legal consequences for the subject of the personal data or otherwise affect his or her rights or lawful interests shall never be made based solely on automated processing of personal data.
    5. When there is no written consent from the subject of the personal data required to process his or her personal data, such consent shall be deemed given when personal data are voluntarily provided by the subject of the personal data or on their behalf.
    6. The Site Administration shall be entitled to delegate processing of personal data to another party based on an agreement with such party (hereinafter referred to as the operator's delegation) unless prohibited by a federal law. In the event of such delegation the Site Administration shall bind such a processing party with the legal responsibilities to adhere to data processing principles and rules set out in federal laws.
    7. Should the Site Administration delegate processing of personal data to another party, the Site Administration shall bear full responsibility to the subject of the personal data for any actions of such party. The party processing data on behalf of the Site Administration shall bear responsibility to the Site Administration.
    8. The Site Administration shall not (and ensure that other parties given access to personal data do not) disclose or distribute personal data to third parties without the consent of the subject of the personal data , unless specified otherwise by a federal law.
  6. RESPONSIBILITIES OF THE SITE ADMINISTRATION

    • According to Federal Law 152-FZ "On Personal Data", the Site Administration has the following responsibilities:
      • Provide the subject of the personal data, on his or her request, with information related to processing of his or her personal data, or refuse to provide such information on legal grounds.
      • Update personal data, block or remove personal data which is incomplete, outdated or inaccurate, was obtained illegally or is not required for the declared purpose of processing, on the request of the subject of the personal data.
      • Notify the subject of the personal data of processing of his or her personal if such data was obtained from any source other than the subject of the personal data, except for the following circumstances:
        1. The subject was notified of processing of his or her personal data by the corresponding operator.
        2. Personal data was obtained by the Site Administration according to a federal law or in order to fulfill an agreement to which the subject of the personal data is a party, a beneficiary or a guarantor.
        3. Personal data was made publicly available by the subject of the personal data or was obtained from a publicly available source.
        4. The Site Administration processes personal data for statistical or other research purposes, for professional journalistic purposes, or for other scientific, literary or creative purposes, provided that in doing so the rights and lawful interests of the personal data subject are not violated.
        5. Providing the subject of the personal data with details contained in the Notification of personal data processing violates the rights and lawful interests of third parties.
      • Immediately stop processing of personal data and destroy such personal data within thirty days of the purposes of personal data processing being completely achieved, unless specified otherwise by an agreement to which the subject of the personal data is a party, a beneficiary or a guarantor, or by another agreement between the Site Administration and the subject of the personal data, or if the Site Administration may not process personal data without the consent of the subject of the personal data based on Federal Law "On Personal Data" or by other federal laws.
      • Stop processing personal data and destroy such personal data within thirty days of the subject of the personal data revoking his or her consent for such processing, unless specified otherwise by an agreement between the Site Administration and the subject of the personal data. The Site Administration shall notify the subject of the personal data of the destruction of his or her personal data.
      • Immediately stop processing of personal data if the subject of the personal data requests a stop to such processing for the purposes of promotion of products, works or services.
  7. MEASURES TO ENSURE SECURITY OF PERSONAL DATA BEING PROCESSED
    1. The Site Administration shall take any required legal, organizational or technical measures to protect personal data being processed from unauthorized or inadvertent access, destruction, modification, blocking, copying, disclosure, distribution or other illegal actions.
    2. The Site Administration shall take the following measures to ensure the security of personal data:
      • Identify security risks for personal data processed in personal data processing systems.
      • Take organizational and technical measures to ensure the security of personal data being processed in personal data processing systems, which are required to ensure personal data security levels officially set out by the Government of the Russian Federation.
      • Enforce data protection tools which were assessed for compliance according to established procedures.
      • Assess efficiency of personal data protection measures before the personal data processing system is put into operation.
      • Identify any unauthorized access to personal data and take corrective measures.
      • Restore personal data modified or destroyed due to unauthorized access.
      • Monitor measures taken to ensure security of personal data and security levels of personal data processing systems.