1.1. Company - Limited Liability Company "Soft Program", location address: 125212, Moscow, b-r Kronshtadsky, d. 6 / building. 4, Pom. 104, Com. 3V, OGRN 1197746652135 TIN/KPP 7743321173/774301001 (hereinafter also the Operator).
1.2. Personal Data Subject (PD Subject) - an individual, directly or indirectly identified or determined on the basis of Personal Data relating to him.
1.3. User - an individual who connects to the Site and / or Application and uses its functionality (services) on the basis of and in accordance with the itHelper User Agreement (https://ithelper.ru/en/terms), or uses the Operator's Services in accordance with and the Rules for using the Service Assistance service (https://ithelper.ru/offer).
1.4. Processor - a person who processes personal data on behalf of the Operator in accordance with the requirements of the law and this Personal Data Processing Policy.
1.5. Site - a set of programs for electronic computers and other information on the information and telecommunications network "Internet", designed to be displayed in a browser, accessed using the Company's domain names ithelper.ru, as well as its subdomains or mirrors.
1.6. Software "itHelper" (Software, Program) - a computer program owned by the Copyright Holder and which is a system for diagnosing a personal computer (hereinafter referred to as PC) by collecting information about the operating system (its technical characteristics, installed software, network status), with the ability to troubleshoot issues as well as consolidating this information for further analysis.
1.7. The basic version of the Software - is the main functionality of the Software provided free of charge when downloading the Distribution Kit from the Site.
1.8. Premium version of the Software - is an extended functionality of the Software available under the terms and conditions set forth in this Agreement.
1.9. Distribution kit - a set of programs, files on the Copyright Holder's website for installation and initial initialization of the Software.
1.10. Account - a set of data about the User, necessary to identify him and provide access to his personal settings.
1.11. Personal data (PD) - information relating to a directly or indirectly identified or identifiable natural person (subject of personal data).
1.12. Counterparty - a legal entity or an individual entrepreneur with whom a reimbursable contract has been concluded. The Counterparty may be a Partner.
1.13. Partner - a person to whom personal data is transferred for processing.
1.14. Operator's services - the activities of the Operator for the provision of remote service support services, carried out at the request of the User in accordance with the Rules for using the "Service Assistance" service (https://ithelper.ru/offer).
2.1. This Policy has been developed in accordance with the Constitution of the Russian Federation, the Labor Code of the Russian Federation, the Civil Code of the Russian Federation, the Federal Law of July 27, 2006 No. 149-FZ "On Information, Information Technologies and Information Protection", the Federal Law of July 27, 2006 No. 152-FZ "On Personal Data", Decree of the Government of the Russian Federation dated 01.11.2012 No. 1119 "On approval of requirements for the protection of personal data during their processing in personal data information systems", other federal laws and regulations.
2.2. The PD processing policy applies to all personal data that may be received by the Company in the course of its activities, including from Users.
2.3. The PD processing policy applies to all information that the Company may receive about the User while using the Site, services, any version of the software, or other services of the Company, and / or in the course of the Company's execution of any agreements and contracts with the User, including the possibility distribution of information, including advertising.
2.4. The counterparty of the Operator is responsible for the compliance of the processing of personal data with the current regulatory legal acts and the agreement (in its area of responsibility) of the following categories of personal data:
2.4.1. Subjects of personal data transferred for processing to the Partner.
2.4.2. Individuals - representatives acting on behalf of the Counterparty.
2.4.3. Own personal data, if the Counterparty of the Operator is an individual entrepreneur.
2.5. The requirement for the security of transferred personal data between the Operator and the Partner is provided for by the agreement concluded between them in accordance with applicable law.
2.6. The processing of personal data of the representative of the Counterparty of the Operator is allowed if it follows from the essence of the contract with the Counterparty.
2.7. The operator is obliged to adhere to the following principles when processing personal data:
2.7.1. the processing of personal data must be carried out on a lawful and fair basis;
2.7.2. the processing of personal data should be limited to the achievement of specific, predetermined and legitimate purposes. It is not allowed to process personal data that is incompatible with the purposes of collecting personal data;
2.7.3. it is not allowed to combine databases containing personal data, the processing of which is carried out for purposes that are incompatible with each other;
2.7.4. only personal data that meet the purposes of their processing are subject to processing;
2.7.5. the content and scope of the processed personal data must correspond to the stated purposes of processing. The processed personal data should not be excessive in relation to the stated purposes of their processing;
2.7.6. when processing personal data, the accuracy of personal data, their sufficiency, and, if necessary, relevance in relation to the purposes of processing personal data, must be ensured. The Company must take the necessary measures or ensure that measures are taken to remove or clarify incomplete or inaccurate data;
2.7.7. storage of personal data should be carried out in a form that allows determining the subject of personal data, no longer than required by the purposes of processing personal data, unless the period for storing personal data is established by federal law, an agreement to which the subject of personal data is a party, beneficiary or guarantor. The processed personal data is subject to destruction upon achievement of the purposes of processing or in case of loss of the need to achieve these purposes, unless otherwise provided by federal law.
2.8. The Company proceeds from the fact that the User consciously determines his requests and controls the technical parameters of the equipment he uses, and also familiarized himself with this Policy in full. If the User does not agree with the Policy, the use of the Software must be terminated.
2.9. This Policy is published on the Internet, and is also posted at the Operator's sales offices.
3.1. The operator processes personal data of the following categories of personal data subjects:
3.1.1. Employees of the Operator, laid-off employees, candidates for filling vacant positions, similar categories, the processing of which is provided for by labor legislation (hereinafter referred to as Employees of the Operator);
3.1.3. Representatives of the Counterparties of the Operator.
4.1. The personal data of the Operator’s Employees are processed on the basis of subparagraphs 1, 2, 7 of paragraph 1 of Article 6 of the Federal Law of July 27, 2006 N 152-FZ “On Personal Data”, in order to comply with the provisions of the Labor Code of the Russian Federation (hereinafter also the Labor Code of the Russian Federation), in order to fulfillment of the provisions of the employment contract, as well as regulatory legal acts related to the Labor Code of the Russian Federation.
4.2. Personal data of Users in terms of using the Site/Software and receiving the Operator's Services are processed in accordance with subparagraphs 1 and 5 of paragraph 1 of Article 6 of the Federal Law of July 27, 2006 N 152-FZ "On Personal Data" in order to familiarize themselves with the services of the Operator, the intention to conclude an agreement , the execution of the agreement concluded by the User's acceptance of a public offer for the use of the Software posted by the Operator (hereinafter referred to as the Offer).
4.3. The personal data of the Counterparty's representatives are processed in accordance with subparagraphs 5, 7 of paragraph 1 of Article 6 of the Federal Law of July 27, 2006 N 152-FZ "On Personal Data" in order to conclude and execute an agreement with the Counterparty.
4.4. Personal data of various categories of personal data subjects are processed in accordance with subparagraphs 1, 5, 7 of paragraph 1 of Article 6 of the Federal Law of July 27, 2006 N 152-FZ "On Personal Data" in order to consider applications and make decisions on them, inform about the decisions taken , providing information in connection with requests.
4.5. Personal data is processed in accordance with subparagraphs 1, 7, 9 of paragraph 1 of Article 6 of the Federal Law of July 27, 2006 N 152-FZ "On Personal Data" for the purpose of conducting marketing research, studying the degree of satisfaction with consumer quality and characteristics of services, statistical purposes.
4.6. Personal data may be used for other purposes, if this is mandatory in accordance with the provisions of the legislation of the Russian Federation.
4.7. The processing of personal data is limited to the achievement of specific, predetermined and legitimate purposes. It is not allowed to process personal data that is incompatible with the purposes of collecting personal data.
5.1. The Operator processes the following categories of personal data of Employees: last name, first name, patronymic, year of birth, gender, age, profession, income, social status, employment, passport data; data on a military ID (for those liable for military service), a certificate of assignment of a TIN, an insurance pension certificate, cases containing materials on advanced training and retraining, certification, internal investigations, account, residential address, registration address, phone number, date of birth, position, information about the change of full name, the nearest metro station, information about skills, health status, information about the presence of financial obligations.
5.2. The Operator processes the following categories of Users' personal data: last name, first name, patronymic, email address, mobile phone number, account balance, Users' actions on the Site, Site Users' devices, location data, information about the Site User's provider, location data, behavior Users on the Site, browser information, operating system, screen resolution and color information, Flash and Java support information, keywords and search queries, device information, time zone, browser language, screen color depth, visitor interests, download options page, file download, time spent on the site.
5.3. The Operator processes the personal data of the Counterparties' representatives: last name, first name, patronymic (if any), position, other information stipulated by the agreement with the Counterparty.
5.4. When personal data subjects use the Operator's Sites, the Operator processes data provided for by international data exchange protocols over the Internet, including (but not limited to): IP address, MAC address, device ID, IMEI, MEID, Cookies data, access time.
5.5. When the Users use the Software, the Operator processes the following data, the collection and analysis of which is provided for by the functionality of the Software:
For the Basic version of the software:
For the Premium version of the software:
5.6. The period of storage of personal data is determined by the contract or the nature of another basis for processing:
5.6.1. The term for processing the PD of Employees is no more than 30 days from the moment the grounds for processing were lost.
5.6.2. The term for processing the PD of Users is until the termination of the agreement with the User concluded on the basis of the Offer, that is, until the complete removal of the Operator's software from the personal device.
5.6.3. The term for processing the personal data of the Counterparties: until the termination of the contract; storage of material media containing personal data of representatives of counterparties - until the expiration of the limitation period.
5.7. To ensure the storage of personal data on physical media, premises equipped with protective equipment are determined in accordance with the order of the enterprise. The storage of completed documents containing personal data is carried out in an archive or in a separate room (cabinet). Storage of material carriers of personal data is carried out separately for each category of personal data subjects.
5.8. Consent to the processing of personal data may be withdrawn by the PD Subject. In the event that the Personal Data Subject withdraws consent to the processing of personal data, the operator has the right to continue processing personal data without the consent of the Personal Data Subject if there are grounds specified by applicable law.
6.1. The operator may process personal data in personal data information systems.
6.2. In case of transfer of personal data for processing to the Partner, where the use of ISPD is expected, the concluded agreement provides for the obligation to protect personal data in ISPD in accordance with applicable law.
7.1. The subject of personal data has the right:
7.1.1. apply for changes to the provided personal data, their deletion;
7.1.2. require notification of all persons who have previously been provided with incorrect or incomplete personal data;
7.1.3. send requests to the Operator regarding the processing of his personal data;
7.1.4. require a list of their personal data processed by the Company and the source of their receipt;
7.1.5. receive information about the terms of processing of their personal data, including the terms of their storage;
7.1.6. require notification of all persons who were previously informed of incorrect or incomplete personal data of all exceptions, corrections or additions made to them;
7.1.7. to protect their rights and legitimate interests, including compensation for losses and (or) compensation for moral damage in court;
7.1.8. exercise other rights provided for by applicable law.
8.1. The operator has the right:
8.1.1. process the personal data of the PD Subject in accordance with the stated purpose;
8.1.2. require the PD Subject to provide reliable personal data necessary for the execution of the contract, provision of services, identification of the Personal Data Subject, as well as in other cases provided for by the legislation on personal data;
8.1.3. limit the access of the PD Subject to his personal data if the Personal Data Processing is carried out in accordance with the legislation on combating the legalization (laundering) of proceeds from crime and the financing of terrorism, the PD Subject's access to his personal data violates the rights and legitimate interests of third parties , as well as in other cases provided for by the legislation of the Russian Federation;
8.1.4. process publicly available personal data of individuals;
8.1.5. to process personal data subject to publication or mandatory disclosure in accordance with the legislation of the Russian Federation;
8.1.6. entrust the processing of personal data to another person with the consent of the Subject of personal data on the terms of this Policy.
8.2. The operator is obliged:
8.2.1. use the received Personal Data solely for the purposes specified in this Policy;
8.2.2. ensure the storage of Personal Data in secret, not to disclose without the prior written permission of the User, and also not to sell, exchange, publish, or disclose in other possible ways the transferred personal data of the User, except as otherwise provided by law;
8.2.3. take precautions to protect the confidentiality of the User's Personal Data in accordance with the procedure usually used to protect this kind of information in existing business transactions;
8.2.4. to block personal data relating to the relevant User from the moment of the request or request of the User or his legal representative or authorized body for the protection of the rights of subjects of personal data for the period of verification, in case of detection of false personal data or illegal actions.
8.3. Upon reaching the goals of processing personal data, as well as in the event that the subject of personal data withdraws consent to their processing, personal data shall be destroyed if:
8.3.1. The Company is not entitled to process without the consent of the Subject of personal data on the grounds provided for by the Federal Law "On Personal Data" or other federal laws;
8.3.2. otherwise is not provided by another agreement between the Company and the Subject of personal data.
8.4. The Company is obliged to provide the Personal Data Subject or his representative with information about the processing of personal data of such subject, carried out by him at the request of the latter.
8.5. The Company also has other rights and bears other obligations established by the Federal Law "On Personal Data".
9.1. When processing personal data, the Operator takes the necessary legal, organizational and technical measures and ensures their adoption to protect personal data from unauthorized or accidental access to them, destruction, modification, blocking, copying, provision, distribution of personal data, as well as from other illegal actions in in relation to personal data, which are in particular (but not limited to):
9.2. Appointment of a person responsible for the processing of personal data.
9.3. Restriction of the composition of employees with access to personal data.
9.4. Software identification of Users, employees of the Operator and accounting of their actions.
9.5. Implementation of anti-virus control and other measures against malicious software and mathematical impact.
9.6. Application of backup and recovery tools.
9.7. Update software when vendor-specific security patches are available.
9.8. Implementation of encryption when transferring personal data on the Internet.
9.9. Taking measures related to the admission of only appropriate persons in the places of installation of technical means.
9.10. The use of technical means of protection of premises in which the technical means of information systems of personal data are located, and places of storage of material carriers of personal data.
9.11. The operator ensures the security of personal data, in particular:
9.11.1. taking into account the possible harm to the subject of personal data, the volume and content of the processed personal data, the type of activity in which personal data is processed, the relevance of threats to the security of personal data
9.11.2. the use of technical measures in accordance with threats to the security of personal data during their processing in personal data information systems.
9.11.3. application of organizational and technical measures to ensure the security of personal data during their processing in personal data information systems necessary to meet the requirements for the protection of personal data, the implementation of which ensures the levels of personal data protection established by the Government of the Russian Federation;
9.11.4. the use of information security tools that have passed the conformity assessment procedure in the prescribed manner;
9.11.5. assessment of the effectiveness of the measures taken to ensure the security of personal data before starting work in the information system of personal data, carried out by the Company;
9.11.6. taking into account machine carriers of personal data, if they are used;
9.11.7. procedures related to the detection of facts of unauthorized access to personal data and the adoption of measures;
9.11.8. recovery of personal data modified or destroyed due to unauthorized access to them;
9.11.9. establishing rules for access to personal data processed in the personal data information system, as well as ensuring the registration and accounting of all actions performed with personal data in the personal data information system;
9.11.10. control over the measures taken to ensure the security of personal data and the level of security of personal data information systems.
10.1. Only licensed anti-virus tools purchased from the suppliers of these tools are allowed to be used.
10.2. The installation and configuration of the parameters of anti-virus control tools on workstations and servers is carried out by the information security administrator or by persons under an agreement containing the relevant conditions.
10.3. Anti-virus tools should be updated automatically. The antivirus is allowed to work with updates no older than 72 hours.
10.4. An anti-virus monitor must be running on each workstation and server in resident mode.
10.5. Mandatory anti-virus control is subject to any information received via telecommunication channels and on removable media.
10.6. The software to be installed must be checked for viruses beforehand.
11.1. To ensure the security of personal data during non-automated processing, the following measures are taken:
11.2. All actions for the processing of personal data are carried out only by the employees of the Operator, who are allowed by the order of the sole executive body to work with personal data, and only to the extent necessary for these persons to perform their labor function;
11.3. An agreement is concluded with the Partner that performs non-automated processing of personal data, including the conditions for taking appropriate measures to protect personal data.
11.4. The processing of personal data is carried out in compliance with the procedure stipulated by the Government Decree of September 15, 2008 No. 687 “On approval of the Regulations on the specifics of the processing of personal data carried out without the use of automation tools”.
12.1. The operator and other persons who have gained access to personal data are obliged not to disclose to third parties and not to distribute personal data without observing the principle based on the consent of the subject of personal data, except as otherwise provided by applicable law.
12.2. Employees of the Company admitted to the Processing of Personal Data are obliged to:
12.2.1. Know and strictly comply with the provisions of the legislation of the Russian Federation in the field of Personal Data; this Policy; local acts of the Company on the Processing and security of Personal data;
12.2.2. Process Personal Data only as part of the performance of their job duties;
12.2.3. Do not disclose Personal Data processed by the Company;
12.2.4. Report the actions of other persons that may lead to a violation of the provisions of this Policy;
12.2.5. Report known facts of violation of the requirements of this Policy to the person responsible for organizing the processing of Personal data in the Company.
12.3. With regard to the User's Personal Data, their confidentiality is maintained, except in cases where the User voluntarily provides information about himself for general access to an unlimited number of persons.
12.4. The Operator has the right to transfer the User's Personal Data to third parties in the following cases:
12.4.1. The subject of personal data has clearly expressed his consent to such actions;
12.4.2. The transfer is necessary for the User to use certain options of the Site, or for the execution of a certain agreement or contract with the User;
12.4.3. The transfer of Personal Data is provided for by Russian or other applicable law;
12.4.4. The transfer occurs as part of the sale or other transfer of the business (in whole or in part), while the acquirer transfers all obligations to comply with the terms of this Policy in relation to the personal information received by him;
12.4.5. As a result of processing the User's personal information by depersonalizing it, depersonalized statistical data may be obtained, which are transferred to a third party for research, performance of work or provision of services on behalf of the Operator.
12.5. In case of loss or disclosure of personal data, the Operator informs the User about this fact immediately in the manner prescribed by the local acts of the Company.
13.1. The destruction of the personal data of the Subject is carried out in the following cases:
13.1.1. Upon reaching the goals of their processing or in case of loss of the need to achieve them within a period not exceeding thirty days from the date of achieving the goal of processing personal data, unless otherwise provided by the agreement to which the subject of personal data is a party, another agreement between the Operator and the subject of personal data (his representative, employer).
13.1.2. In case of detection of unlawful processing of personal data or lawful withdrawal of personal data within a period not exceeding ten working days from the date of detection of such a case;
13.1.3. In the event of the expiration of the period of storage of personal data, determined in accordance with the legislation of the Russian Federation and the organizational and administrative documents of the Operator;
13.1.4. In the case of an order from the authorized body for the protection of the rights of personal data subjects, the prosecution authorities of Russia or a court decision.
14.1. The operator does not carry out cross-border processing of personal data. When storing personal data using the ISPD of contractors, the Operator uses databases located on the territory of the Russian Federation.
14.2. The Operator may transfer personal data to other persons, hosting providers, analytics services, other persons in order to fulfill the contract concluded with the Customer (Partners).
14.3. The Operator guarantees the conclusion of an adequate order for the processing of personal data in the event that Partners are involved in accordance with the contractual powers of the Operator.
14.4. The operator has the right to transfer personal data to the bodies of inquiry and investigation, other authorized bodies on the grounds provided for by the current legislation of the Russian Federation.
15.1. The Operator guarantees that it does not process special categories of personal data, namely those related to race, nationality, political views, religious or philosophical beliefs, health status, intimate life, as well as biometric personal data of the Subjects.
15.2. The Operator has no processes related to decision-making solely on the basis of automated processing of personal data.
15.3. The Operator does not provide unrestricted access to personal data to third parties.
15.4. The Operator does not carry out initiative contacts for information and advertising purposes.
16.1. The term for processing personal data processed by the Operator may be determined (redefined) by the organizational and administrative documents of the Operator in accordance with the provisions of the Federal Law "On Personal Data".
16.2. This Policy is subject to change, addition in the event of the emergence of new legislative acts and special regulations on the processing and protection of personal data, as well as by the decision of the Operator. The Operator makes changes to this Policy without the consent of the User and prior notice to the User. The updated version of the Policy comes into force from the moment it is posted on the Site, unless otherwise provided by the new version of the Policy. When making changes in the current version, the date of the last update is indicated.
16.3. Control over the fulfillment of the requirements of this Policy is carried out by the person responsible for organizing the processing of personal data.
16.4. Issues not regulated by this Policy are governed by the current legislation of the Russian Federation.
16.5. The User has the right to send all suggestions or questions regarding this Policy to the Operator's address: 125212, Moscow, Kronshtadsky blvd., 6/ bldg. 4, Pom. 104, Com. 3B, or email firstname.lastname@example.org.