1.1. The Operator’s principal goal and condition for carrying out its activities is the observance of human and civil rights and freedoms during the processing of personal data, including the protection of rights to personal and family privacy.

2.1. Automated processing of personal data – processing of personal data using computer technology.

2.2. Blocking of personal data – temporary suspension of the processing of personal data (except when processing is necessary for clarifying personal data).

2.4. Personal data information system — a collection of personal data contained in databases and the information technologies and technical means ensuring their processing.

2.5. Anonymization of personal data — actions as a result of which it is impossible to determine the ownership of personal data to a specific User or other personal data subject without the use of additional information.

2.6. Processing of personal data – any action (operation) or a set of actions (operations) performed with or without the use of automation tools with personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, changing), retrieval, use, transfer (distribution, provision, access), anonymization, blocking, deletion, destruction of personal data.

2.7. Оператор – государственный орган, муниципальный орган, юридическое или физическое лицо, самостоятельно или совместно с другими лицами организующие и (или) осуществляющие обработку персональных данных, а также определяющие цели обработки персональных данных, состав персональных данных, подлежащих обработке, действия (операции), совершаемые с персональными данными.

2.8. Персональные данные – любая информация, относящаяся прямо или косвенно к определенному или определяемому Пользователю веб-сайта https://next-genium.com/en.

2.9. Personal data authorized by the personal data subject for dissemination — personal data whose access by an unlimited number of persons is granted by the personal data subject by giving consent to the processing of personal data authorized by the personal data subject for dissemination in the manner provided by the Law on Personal Data (hereinafter — personal data authorized for dissemination).

2.11. Предоставление персональных данных – действия, направленные на раскрытие персональных данных определенному лицу или определенному кругу лиц.

2.12. Dissemination of personal data — any actions aimed at disclosing personal data to an indefinite circle of people (transferring personal data) or making personal data available to an unlimited number of people, including the disclosure of personal data in the mass media, placement in information and telecommunications networks, or providing access to personal data in any other way.

2.13. Cross-border transfer of personal data — the transfer of personal data to the territory of a foreign state to an authority of a foreign state, a foreign individual, or a foreign legal entity.

2.14. Destruction of personal data — any actions as a result of which personal data are irreversibly destroyed with no possibility of further recovery of the content of personal data in the personal data information system and/or the physical media containing personal data are destroyed.

3.1. The Operator has the right to:

– receive from the personal data subject accurate information and/or documents containing personal data;

– continue processing personal data without the consent of the personal data subject if the personal data subject withdraws consent, provided there are grounds specified in the Personal Data Law;

– independently determine the composition and list of measures necessary and sufficient to ensure compliance with the obligations provided by the Personal Data Law and the regulatory acts adopted in accordance with it, unless otherwise provided by the Personal Data Law or other federal laws.

3.2. The Operator is obliged to:

– provide the personal data subject, upon their request, with information regarding the processing of their personal data;

– organize the processing of personal data in the manner established by the current legislation of the Russian Federation;

– respond to inquiries and requests from personal data subjects and their legal representatives in accordance with the requirements of the Personal Data Law;

– report to the authorized body for the protection of the rights of personal data subjects the necessary information within 30 days from the date of receiving such a request from this body;

– publish or otherwise provide unrestricted access to this Policy on the processing of personal data;

– take legal, organizational, and technical measures to protect personal data from unauthorized or accidental access, destruction, modification, blocking, copying, provision, dissemination of personal data, as well as from other unlawful actions in relation to personal data;

– stop the transmission (distribution, provision, access) of personal data, cease processing and destroy personal data in the manner and cases provided by the Personal Data Law;

– perform other duties provided by the Personal Data Law.

4.1. Personal data subjects have the right to:

– Receive information pertaining to the processing of their personal data, except in cases provided by federal laws. Information is provided to the personal data subject by the Operator in an accessible form and must not contain personal data relating to other personal data subjects, except when there are lawful grounds for disclosing such personal data. The list of information and the procedure for obtaining it are established by the Personal Data Law;

– Demand the operator to clarify their personal data, block or destroy it if the personal data is incomplete, outdated, inaccurate, unlawfully obtained, or not necessary for the declared purpose of processing, as well as to take legally provided measures to protect their rights;

– Set a condition of prior consent when processing personal data for the purpose of marketing goods, works, and services;

– Withdraw consent to the processing of personal data;

– Appeal against the unlawful actions or inaction of the Operator in the processing of their personal data to the authorized body for the protection of the rights of personal data subjects or in court;

– Exercise other rights provided by the legislation of the Russian Federation.

4.2. Personal data subjects are obliged to:

– Provide the Operator with accurate data about themselves;

– Inform the Operator about the clarification (update, change) of their personal data.

4.3. Individuals who have provided the Operator with false information about themselves, or information about another personal data subject without their consent, are liable in accordance with the legislation of the Russian Federation.

5.1. Surname, first name, patronymic.

5.2. Email address.

5.3. Phone numbers.

5.4. Year, month, date, and place of birth.

5.5. Photographs.

5.6. The website also collects and processes anonymized data about visitors (including "cookie" files) using internet statistics services (Yandex Metrica, Google Analytics, and others).

5.7. The aforementioned data are henceforth in this Policy collectively referred to as Personal Data.

5.8. The processing of special categories of personal data related to racial or ethnic origin, political opinions, religious or philosophical beliefs, or sex life is not performed by the Operator.

5.9. The processing of personal data allowed for distribution, among the special categories of personal data specified in Part 1 of Article 10 of the Personal Data Law, is permissible if the prohibitions and conditions set forth in Article 10.1 of the Personal Data Law are observed.

5.10. User consent for the processing of personal data allowed for distribution is formalized separately from other consents for processing their personal data. The conditions specified in, in particular, Article 10.1 of the Personal Data Law are observed. The content requirements for such consent are established by the authorized body for the protection of the rights of personal data subjects.

5.10.1 The User provides consent for the processing of personal data allowed for distribution directly to the Operator.

5.10.2 The Operator must, within three working days from the receipt of the said consent from the User, publish information about the conditions of processing, about the presence of prohibitions and conditions on the processing of personal data allowed for distribution by an unlimited number of persons.

5.10.3 The transfer (distribution, provision, access) of personal data allowed by the personal data subject for distribution must be terminated at any time at the request of the personal data subject. This requirement must include the surname, first name, patronymic (if any), contact information (phone number, email address, or postal address) of the personal data subject, as well as the list of personal data whose processing is to be terminated. The personal data specified in this requirement may only be processed by the Operator to whom it is directed.

5.10.4 Consent for the processing of personal data allowed for distribution ceases to be effective from the moment the Operator receives the requirement specified in paragraph 5.10.3 of this Policy concerning the processing of personal data.

6.1. Personal data processing is carried out on a lawful and fair basis.

6.2. Personal data processing is limited to achieving specific, predefined, and lawful purposes. The processing of personal data incompatible with the purposes of collecting personal data is not allowed.

6.3. Combining databases containing personal data processed for incompatible purposes is not allowed.

6.4. Only personal data that meets the purposes of its processing are subject to processing.

6.5. The content and volume of processed personal data correspond to the declared processing purposes. Processing of personal data in excess of the declared purposes is not allowed.

6.6. When processing personal data, accuracy, sufficiency, and, where necessary, relevance of the personal data with respect to the purposes of processing are ensured. The Operator takes necessary measures and/or ensures their implementation to delete or correct incomplete or inaccurate data.

6.7. Personal data is stored in a form that allows identifying the personal data subject, no longer than required by the purposes of personal data processing unless the storage period for personal data is established by federal law, a contract where the personal data subject is a party, beneficiary, or guarantor. Processed personal data are destroyed or anonymized upon achieving the processing goals or when there is no longer a need to achieve these goals, unless otherwise provided by federal law.

7.1. The purposes of processing the User's personal data are:

7.3. Anonymized data of Users collected through internet statistics services are used to gather information about the actions of Users on the site, to improve the quality of the site and its content.

8.1. The legal bases for the processing of personal data by the Operator are:

– federal laws, other regulatory legal acts in the field of personal data protection;

– consents of Users to the processing of their personal data, and to the processing of personal data allowed for distribution.

8.3. The Operator processes anonymized data about the User if this is allowed in the settings of the User’s browser (saving of "cookie" files and the use of JavaScript technology is enabled).

8.4. The personal data subject independently decides to provide their personal data and gives consent freely, by their own will, and in their own interest.

9.1. The processing of personal data is carried out with the consent of the personal data subject for the processing of his personal data.

9.2. The processing of personal data is necessary for achieving the purposes provided for by an international treaty of the Russian Federation or by law, for performing the functions, powers, and duties laid upon the operator by the legislation of the Russian Federation.

9.3. The processing of personal data is necessary for the administration of justice, execution of a judicial act, an act of another body or official which is to be executed in accordance with the legislation of the Russian Federation on enforcement proceedings.

9.4. The processing of personal data is necessary for the execution of a contract where the personal data subject is a party or a beneficiary or guarantor, as well as for entering into a contract at the initiative of the personal data subject or a contract where the personal data subject will be a beneficiary or guarantor.

9.5. The processing of personal data is necessary for the realization of the rights and lawful interests of the operator or third parties, or for achieving socially significant goals, provided that this does not infringe on the rights and freedoms of the personal data subject.

9.6. Processing of personal data is carried out, access to which is provided by the personal data subject or at his request (hereinafter – publicly available personal data).

9.7. Processing of personal data that must be published or disclosed in accordance with federal law is carried out.

10.1. The Operator ensures the security of personal data and takes all possible measures to exclude access to personal data by unauthorized persons.

10.2. User’s personal data shall never, under any circumstances, be transferred to third parties, except in cases related to the execution of applicable legislation or if the personal data subject has given consent to the Operator to transfer data to a third party to fulfill obligations under a civil-law contract.

10.5. All information collected by third-party services, including payment systems, communication means, and other service providers, is stored and processed by said parties (Operators) in accordance with their User Agreement and Privacy Policy. The personal data subject and/or User is obligated to familiarize themselves with these documents in a timely manner. The Operator is not responsible for the actions of third parties, including those service providers mentioned in this paragraph.

10.6. Prohibitions set by the personal data subject on the transfer (except for providing access), as well as on processing or conditions of processing (except for obtaining access) of personal data allowed for distribution do not apply in cases of processing personal data in state, public, and other public interests as defined by the legislation of the Russian Federation.

10.7. The Operator ensures the confidentiality of personal data during processing.

10.8. The Operator stores personal data in a form that allows identifying the personal data subject, no longer than required by the purposes of personal data processing, unless the storage period of personal data is established by federal law, a contract where the personal data subject is a party, beneficiary, or guarantor.

10.9. Conditions for the termination of personal data processing may include achieving the purposes of personal data processing, expiration of the personal data subject's consent or withdrawal of consent by the personal data subject, as well as detection of unlawful processing of personal data.

11.1. The Operator carries out the collection, recording, systematization, accumulation, storage, clarification (updating, changing), extraction, use, transfer (distribution, provision, access), anonymization, blocking, deletion, and destruction of personal data.

11.2. The Operator performs automated processing of personal data with the receipt and/or transmission of the information obtained through information-telecommunication networks or without them.

12.1. Before initiating the transborder transfer of personal data, the Operator must ensure that the foreign state to which the personal data is to be transferred provides reliable protection of the rights of personal data subjects.

12.2. Transborder transfer of personal data to the territories of foreign states that do not meet the above requirements can only be carried out if there is written consent from the personal data subject for the transborder transfer of their personal data and/or in execution of a contract in which the personal data subject is a party.

14.2. Any changes to the Operator's personal data processing policy will be reflected in this document. The policy is effective indefinitely until replaced by a new version.