Политика конфиденциальности Goality Consulting на английском

PERSONAL DATA PROCESSING POLICY.

May 01, 2024

This Personal Data Privacy Policy (hereinafter referred to as the Privacy Policy) applies to all personal data that the Personal Data Processing Operator (hereinafter referred to as the PDPO) can receive about the subject of Personal Data while using any of the Sites: https://alenaloktionova.com/prohomeexchange, http://alprohomeexchange.com, including all their subdomains. PDPO asks you to carefully read the Privacy Policy and, if you disagree with any provisions, stop using the Site and leave it immediately.
1 BASIC TERMS

Basic terms used in the Privacy Policy:
1.1. Automated processing of personal data - processing of personal data using computer technology.
1.2. Blocking of personal data - temporary cessation of processing of personal data (except for cases where processing is necessary to clarify personal data).
1.3. Information system of personal data - the totality of personal data contained in databases and information technologies and technical means ensuring their processing.
1.4. Privacy of personal data - obligatory for compliance with the PDPO or other persons who have access to Personal Data is the requirement not to allow their dissemination without the consent of the Personal Data subject or the presence of another legal basis.
1.5. Depersonalization of personal data - actions as a result of which it becomes impossible to determine the ownership of personal data by a specific subject of personal data without the use of additional information.
1.6. Processing of personal data - any action (operation) or set of actions (operations) performed by PDPO using automation tools or without the use of such means with Personal data, including collection, recording, storage, clarification (updating, changing), extraction, use, transfer (distribution, provision , access), depersonalization, blocking, deletion, destruction of Personal data.
1.7. Personal Data Processing Operator (PDPO) - GOALITY CONSULTING, INC, American company registered in the state of Florida, email: mail@alprohomeexchange.com, who independently or jointly with other persons organizes and (or) carries out the processing of Personal Data, and also determines the purposes of processing Personal Data, the composition of Personal Data to be processed, actions (operations) performed with Personal Data.
1.8. Personal data - any information relating directly or indirectly to a specific or identifiable individual (subject of Personal Data).
1.9. Personal data authorized by the subject of personal data for distribution, - personal data, access to an unlimited number of persons, to which is provided by the User (subject of personal data) by giving consent to the processing of personal data authorized by the subject of personal data for distribution in the manner prescribed by law.
1.10. Privacy Policy - this document with all changes and additions, located on each of the Sites on the Internet.
1.11. User - subject of Personal data, a legally capable individual who uses the Site in his own interests. According to the text of this Privacy Policy, the User is also indicated as the subject of Personal Data.
1.12. Providing personal data - actions aimed at disclosing personal data to a certain person or a certain circle of persons.
1.13. Site, Sites - a set of graphic and information materials, as well as computer programs and databases, ensuring their availability on the Internet at each network address: https://alenaloktionova.com/prohomeexchange, http://alprohomeexchange.com, including all their subdomains.
1.14. Dissemination of personal data - actions aimed at disclosing personal data to an indefinite number of persons.
1.15. Cross-border transfer of personal data - transfer of personal data to the territory of a foreign state to an authority of a foreign state, a foreign individual or a foreign legal entity.
1.16. Destruction of personal data - actions as a result of which it becomes impossible to restore the content of personal data in the personal data information system and (or) as a result of which material media of personal data are destroyed.
1.17. Files cookies - a small piece of data sent by the web server and stored on the User's device used to access the Site, which the web client or web browser sends to the web server each time in an HTTPS request when attempting to open a page of the corresponding site.
1.18. Subject of personal data - a legally capable individual who uses the Site in his own interests.
1.19. IP address - unique network address of a node in a computer network built using the IP protocol.

2. GENERAL PROVISIONS

2.1. The privacy policy defines the purposes, content and procedure for processing Personal Data, measures aimed at protecting Personal Data, as well as procedures aimed at identifying and preventing violations of the law. This Privacy Policy establishes the responsibilities of the PDPO for the processing of Personal Data, their protection, including ensuring a regime for protecting the confidentiality of Personal Data provided to the PDPO.
2.2. This Privacy Policy defines the policy of PDPO, as the operator processing Personal Data, regarding the processing and protection of Personal Data. The processing of Personal Data by PDPO is carried out in compliance with the principles and conditions provided for by this Privacy Policy and legislation in the field of Personal Data. The Operator sets as its most important goal and condition for carrying out its activities the observance of the rights and freedoms of man and citizen when processing his Personal Data, including the protection of the rights to privacy, personal and family secrets.
2.3. This Privacy Policy applies only to information received during the use of the Site and as part of the fulfillment of contractual obligations of the PDPO.
2.4. The User decides to provide his Personal Data and consents to its processing freely, of his own free will and in his own interest. Consent to the processing of Personal Data must be specific, substantive, informed, conscious and unambiguous. PDPO does not verify the accuracy of the Personal data provided by the User.
2.5. Using the Site means agreeing to this Privacy Policy and the terms of processing of Personal Data.
2.6. By accepting this Privacy Policy, the User hereby gives his consent to the PDPO to process his Personal data specified in section 3 of this Privacy Policy, including collection, recording, accumulation, storage, clarification (updating, changing), extraction, use, transfer to third parties to persons (distribution, provision, access), depersonalization, blocking, deletion, destruction of Personal data for the purposes specified in section 3.
2.7. The subject of personal data, refusing to give consent to the processing of his Personal Data by PDPO for the purposes specified in section 3, understands that he will not be able to take advantage of all the capabilities of the Site and its services, and the use of the Site will be available in a limited mode.
2.8. A personal data subject who has provided Personal Data that does not fully comply with the requirements of the relevant section of the Site or does not correspond to reality will not be able to take advantage of all the capabilities of the Site and its services, including receiving certain services provided through the Site, and use of the Site will be available in a limited mode.
2.9. PDPO's rights:
- collect personal data through forms on the Site;
- provide access to the Site;
- collect, record, accumulate, store, clarify (update, change), extract, use, transfer (distribution, provision, access), depersonalize, block, delete, destroy Personal Data;
- transfer Personal data to third parties on the basis of contracts concluded to achieve the purposes specified in section 3 of the Privacy Policy;
- entrust the processing of Personal Data to another person with the consent of the User, unless otherwise provided by federal law, on the basis of an agreement concluded with this person (hereinafter referred to as the PDPO instruction). The person processing Personal Data on behalf of PDPO is obliged to comply with the principles and rules for processing Personal Data provided for by the current legislation, maintain the confidentiality of Personal Data, and take the necessary measures aimed at ensuring the fulfillment of the obligations provided for by the current legislation. The order of the PDPO must define a list of Personal Data, a list of actions (operations) with Personal Data that will be performed by the person processing Personal Data, the purposes of their processing, the obligation of such a person to maintain the confidentiality of Personal Data, and legal requirements must be established.
- if the User withdraws consent to the processing of Personal Data, PDPO has the right to continue processing Personal Data without the User's consent if there are grounds specified in the current legislation;
- refuse the User to fulfill a repeated request for information regarding his Personal Data, which is processed by PDPO in accordance with the terms of the law when providing a reasoned response;
- Disseminate Personal Data if there is a separate consent for the dissemination of personal data.
2.10. Responsibilities of the PDPO:
- Use the received Personal Data solely for the purposes specified in Section 3 of this Privacy Policy.
- Provide the User with information regarding his Personal Data upon receipt of a corresponding request or request.
- In the event of loss or disclosure of confidential information, PDPO is not responsible if this confidential information:
•became public domain until lost or disclosed;
•was received from a third party before it was received by the PDPO;
• was disclosed with the consent of the User.
- Inform the Personal Data Subject or his representative information about the processing of Personal Data of such Personal Data Subject carried out by the PDPO upon his request.
- Do not disclose or distribute Personal Data to third parties without the consent of the User, unless otherwise provided by law..
- When receiving a request or appeal from the User, provide him with the information and information specified in the request/application in an accessible form and without indicating Personal Data relating to other subjects of personal data, unless there are legal grounds for the disclosure of such Personal Data.
- Explain to the User the procedure for making a decision based solely on Automated processing of his personal data and the possible legal consequences of such a decision, provide the User with the opportunity to object to such a decision, and also explain the procedure for protecting the User's rights and legitimate interests. PDPO is obliged to consider the objection specified in this paragraph within thirty days from the date of its receipt and notify the subject of personal data about the results of consideration of such objection.
- Explain to the User the legal consequences of refusal to provide his Personal Data and (or) consent to their processing, if, in accordance with federal law, the provision of Personal Data and (or) obtaining PDPO consent to the processing of Personal Data is mandatory.
- When collecting Personal Data, including through the information and telecommunications network "Internet", PDPO is obliged to ensure recording, systematization, accumulation, storage, clarification (updating, changing), retrieval of Personal data using databases located at the location of PDPO or partners , contractors, platforms attracted by PDPO to carry out activities.
- PDPO is obliged to ensure reliable protection of Personal data and protection of their confidentiality.
2.11. User's rights:
- Has the right to demand from PDPO clarification of his Personal data, their blocking or destruction if the Personal data is incomplete, outdated, inaccurate, illegally obtained or is not necessary for the stated purpose of processing, by sending a request to the email address mail@alprohomeexchange.com.
- The right to request information about the measures taken by the PDPO to protect Personal Data.
- The right to send a request to the PDPO regarding your Personal Data, which is processed by the PDPO, by sending an appeal to the PDPO by email mail@alprohomeexchange.com.
- The right to send a repeated request to PDPO regarding your Personal Data processed by PDPO no earlier than 30 (thirty) days after the initial application or sending of the initial request, unless a shorter period is established by law.
- He has the right to contact the PDPO again or send him a repeated request in order to obtain information regarding his Personal data that is processed by the PDPO, as well as in order to familiarize himself with the processed Personal data before the expiration of 30 (thirty) days if such information and (or ) the processed Personal Data were not provided to him for review in full based on the results of consideration of the initial request. A repeated request must contain a justification for sending a repeated request.
- The right to direct the PDPO to withdraw the consent given to them for the processing of Personal Data, consent to the Dissemination of Personal Data.
- Has the right to protection of his rights and legitimate interests, including compensation for losses and (or) compensation for moral damage in court.
- Has the right to appeal the actions or inaction of the PDPO to the authorized body for the protection of the rights of subjects of Personal data or in court.
2.12. User's Responsibilities:
- Comply with the requirements specified in clauses 1.11, 1.18 of this Privacy Policy;
- provide your reliable Personal Data.
2.13. Databases of information containing personal data are stored at the location of the PDPO or third parties involved by it.
2.14. PDPO processes Personal Data on a legal and fair basis to fulfill the functions, powers and duties assigned by law, exercise the rights and legitimate interests of PDPO and other persons. The transfer (distribution, provision) and use of Personal Data is carried out only in cases and in the manner prescribed by law, with the consent of the Personal Data Subject, if this is determined by law..
2.15. PDPO receives Personal Data directly from the subject of Personal Data, except in cases where Personal Data is transferred within the framework of a contractual relationship.
2.16. PDPO processes the User's Personal Data with his consent, provided either in writing or when performing implied actions.
2.17. Principles for processing Personal data established by this Privacy Policy:
2.17.1. Processing of Personal Data must be carried out on a lawful and fair basis.
2.17.2. The processing of Personal Data must be limited to the achievement of specific, pre-defined and legitimate purposes. Processing of Personal Data that is incompatible with the purposes of collecting Personal Data is not permitted. It is not permitted to process excessive Personal Data in relation to the stated purposes of their processing..
2.17.3. It is not allowed to combine databases containing Personal Data, the processing of which is carried out for purposes that are incompatible with each other..
2.17.4. Only Personal Data that meet the purposes of their processing are subject to processing.
2.17.5. The content and volume of Personal Data processed must correspond to the stated purposes of processing. The Personal Data processed must not be redundant in relation to the stated purposes of their processing..
2.17.6. When processing Personal Data, the accuracy of the Personal Data, its sufficiency, and, where necessary, relevance in relation to the purposes of processing the Personal Data must be ensured. The PDPO must take the necessary measures or ensure that they are taken to remove or clarify incomplete or inaccurate data.
2.17.7. The storage of Personal Data must be carried out in a form that makes it possible to identify the subject of the Personal Data, no longer than required by the purposes of processing the Personal Data, unless the period for storing Personal Data is established by federal law, an agreement to which the subject of the Personal Data is a party, beneficiary or guarantor. The processed Personal Data is subject to destruction or depersonalization upon achievement of the processing goals or in the event of the loss of the need to achieve these goals, unless otherwise provided by federal law.
2.17.8. PDPO is obliged to ensure that the foreign state to whose territory the Cross-Border Transfer of Personal Data is carried out ensures adequate protection of the rights of the subjects of Personal Data before the cross-border transfer of Personal Data begins..
2.17.9. PDPO does not control and is not responsible for the processing of information by third party sites that can be accessed through links available on the Site.
3. SUBJECT OF THE PRIVACY POLICY

3.1. This Privacy Policy establishes the responsibilities of the PDPO for the processing of the User's Personal Data, their protection, including ensuring a regime for protecting the confidentiality of Personal Data that the User provides to the PDPO in the following cases:
- when filling out data in your personal account on the Site;
- when you go from the Site to a chat with an employee/performer/contractor of the PDPO;
- when filling out the Service order form on the Site;
- when sending a claim, statements to the PDPO;
- in the process of written, electronic and oral communication with the PDPO.
Personal data is provided to Users for the purpose of enabling the User to create a personal account on the Site, providing services and selling goods to the User, fulfilling obligations under an agreement with the User, and responding to the User's claims. In order to conduct marketing research for targeting using the Website's software, PDPO collects statistical data that does not identify anyone as the subject of personal data. PDPO uses the User's personal data for mailing letters to those Users who have expressed their consent to receive information about the news of the Site, about PDPO and its partners, including advertising ones.
3.2. PDPO collects the following types of information about the User:
- information that the User knowingly provided to PDPO in the process of using the Site;
- technical information automatically collected by the Site software during the User's visit to the Site.
3.3. Personal data is provided by the User when filling out a form in his personal account on the Site and paying for Services and includes the following information:
- Full Name;
- E-mail address;
- phone number;
- City of residence,
- Country of Residence,
- date, month, year of birth;
- mailing address.
3.4. Personal data is provided by the User when sending a claim, statements to the PDPO and includes the following information:
- Full Name;
- E-mail address;
- another address for sending a response to the User from PDPO;
- phone number;
- Bank details;
- other Personal data that the User indicates in the text of the claim or statement at his own request.
3.5. Personal data is provided by the User in the process of written, electronic and oral communication with the PDPO and includes the following information:
- Full Name;
- E-mail address;
- phone number;
- other Personal Data that the User provides to PDPO in the process of any type of communication at his own request.
3.6. Technical information automatically collected by the Site software during the User's visit includes:
• 1Р address;
• information from cookies;
• information about the browser;
• information about the device type (mobile or PC);
• access time;
• other technical and statistical information.
Technical information also includes analytical data obtained as a result of the Site's use of web analytics services. This information is used solely for internal and external marketing purposes - to analyze trends in Site visits and improve Site service.
3.7. The Site implements User identification technology based on the use of cookies. Cookies may be stored on the device used by the User to access the Site, which will later be used to collect statistical data, in particular about traffic to the Site, to automatically fill in the fields in the authorization form in the personal account on the Site. PDPO may use and disclose information about use of the Site, for example, to determine the level of use of the Site, improve its content, explain the usefulness of the Site, and to enhance the functionality of the Site. By accepting this Privacy Policy, the User gives PDPO his consent that the technical data specified in clause 3.6 collected from the Site is transmitted over the Internet. Anonymized data of Users, collected using Internet statistics services, serves to collect information about the actions of Users on the site, improve the quality of the site and its content.
3.8. PDPO does not store Personal Data in cookies. PDPO uses information recorded in cookies, which does not identify individual Users, to analyze trends, administer the Site, determine User movements around the Site, and to collect demographic information about the base population of Users as a whole.
3.9. If the User does not want PDPO to collect technical information about him using cookies, then the User must stop using the Site or prevent the storage of cookies on his device used to access the Site by setting his browser accordingly. Please keep in mind that Site services using this technology may be unavailable.
3.10. Consent to the processing of Personal data provided when sending a claim, applications to the PDPO address is carried out by filling out the form provided by the PDPO. The user is required to send a completed and signed consent form along with the text of the claim, statement.
3.11. When placing an Order for Services and choosing a payment method using a bank card, the User indicates his Personal data, including the payment data necessary to make the payment: bank card number, expiration date, last name, first name of the cardholder, CVC code. Such information is processed by the payment platform service, and PDPO has access only to part of the Personal Data entered in the online payment form, namely: first name, last name, telephone number, email address, payment method (without specifying payment data).
3.12. PDPO guarantees that it never provides Personal Data to third parties, except in cases where:
• this is directly required by law (for example, at the written request of the court, law enforcement agencies);
• The user has consented to the transfer of Personal Data;
• the transfer is necessary for concluding agreements and/or within the framework of agreements between the PDPO and the User;
• the transfer occurs as part of the sale or other transfer of the Site, business;
• the transfer occurs as part of the transfer of the Personal Data database from one service to another in accordance with the contractual relations of the PDPO;
• this is required to provide support for servicing Users or to assist in the protection and security of PDPO systems.
4. PURPOSES OF COLLECTION AND PROCESSING OF USER'S PERSONAL DATA

4.1. The processing of Personal Data must be limited to the achievement of specific, pre-defined and legitimate purposes. Processing of Personal Data that is incompatible with the purposes of collecting Personal Data is not permitted..
PDPO uses the User's Personal Data for the following purposes:
• for feedback from the User;
• to send the User, with his consent, information about the news of the Site, about PDPO or its partners, about new Services, including advertising ones;
• to create a User account and personal account on the Site;
• for the sale of Goods, Services to the User and their provision;
• to fulfill PDPO's contractual obligations to the User;
• for marketing research, for targeting;
• to send the User a response to a claim or application.
5. PROCEDURE AND CONDITIONS FOR PROCESSING PERSONAL DATA

5.1. PDPO carries out the following list of actions with Personal Data: collection, recording, accumulation, storage, clarification (updating, changing), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction of Personal Data, as well as transfer to third parties if it is necessary to interact with third parties in order to achieve the purposes of processing Personal Data (specified in clause 4.1).
5.2. PDPO processes Personal Data in the following ways:
• using automated means of processing Personal data (Site software, Bitrix24 st-system, Internet acquiring), internal PDPO system for processing Personal data);
• without the use of automated means of processing Personal data (Personal data is processed manually by PDPO). Personal data storage address - actual location of the PDPO.
The User's personal data specified in this paragraph is processed in accordance with the company's policy regarding the processing of personal data for a period until the purpose of processing Personal data is achieved in each specific case. The storage address of Personal Data coincides with the location address of the PDPO.
5.3. To achieve the goals specified in clause 4.1 of this Privacy Policy, namely to provide the User with the opportunity to make online payments for Services, Goods, PDPO enters into agreements with Internet acquiring, according to which PDPO also instructs these organizations to collect and process the User's Personal Data. Within the framework of these contractual relations, the payment integrator independently collects and processes the User's Personal Data in accordance with the privacy policy of each organization for a period until the purpose of processing Personal Data is achieved in each specific case.
5.4. The transfer of the User's Personal Data to third parties, in particular banks, is carried out with the consent of the User solely for the purposes specified for fulfilling the contractual obligations of the PDPO, when returning money to the User.
5.5. The User's personal data may be transferred to authorized government bodies only on the basis and in the manner established by law.
6. LEGAL BASIS FOR PROCESSING PERSONAL DATA

6.1. PDPO processes Personal Data on the basis of the following legal grounds:
• agreements concluded between PDPO and third parties for the purposes specified in sections 3, 4;
• internal local PDPO documents;
• consent to the processing of Personal data (in cases consistent with the powers of the PDPO), consent to dissemination of personal data.
7. MEASURES TO ENSURE THE SECURITY OF PERSONAL DATA DURING THEIR PROCESSING

7.1. PDPO protects the User's Personal Data by applying generally accepted security methods to ensure the protection of information from loss, unauthorized or accidental access, distortion and unauthorized distribution, destruction, modification, blocking, copying, as well as any other unlawful actions with Personal Data of third parties. Security is implemented by network protection software, access verification procedures, the use of cryptographic information security tools, compliance with the Privacy Policy, as well as other internal documents regulating the rules for processing Personal Data of the PDPO.
7.2. If Personal Data is lost or disclosed, PDPO is obliged to inform the User about this.
7.3. PDPO, together with the User, takes all necessary legal, organizational and technical measures to prevent losses or other negative consequences caused by the loss or disclosure of the User's Personal Data.
7.4. Personal data is kept confidential by PDPO, except in cases where the User voluntarily posted information for public access in messages, comments, reviews on the Site.
7.5. Ensuring the security of Personal Data processed in Personal Data information systems of the PDPO is achieved by excluding unauthorized, including accidental, access to Personal Data, as well as taking the following security measures:
7.5.1. identification of security threats to Personal data during their processing in information systems of Personal data PDPO;
7.5.2. application of organizational and technical measures to ensure the security of Personal Data during their processing in information systems of Personal Data PDPO, necessary to meet the requirements for the protection of Personal Data, the implementation of which ensures levels of protection of Personal Data;
7.5.3. application of procedures for assessing the compliance of information security means that have been completed in accordance with the established procedure;
7.5.4. assessment of the effectiveness of measures taken to ensure the security of Personal Data before putting into operation the Personal Data information system;
7.5.5. accounting of computer media of Personal data;
7.5.6. detecting facts of unauthorized access to Personal Data and taking measures;
7.5.7. restoration of Personal data, modified or deleted, destroyed due to unauthorized access to it;
7.5.8. establishing rules for access to Personal Data processed in the Personal Data information systems of the PDPO, as well as ensuring registration and accounting of all actions performed with Personal data in the Personal Data information systems of the PDPO;
7.5.9. control over the measures taken to ensure the security of Personal Data and the level of security of Personal Data information systems.
7.6. Measures aimed at ensuring the fulfillment by the PDPO of the obligations provided for by the current legislation in the field of Personal data. The PDPO is obliged to take measures necessary and sufficient to ensure the fulfillment of the duties provided for by the current Russian legislation. The PDPO independently determines the composition and list of measures necessary and sufficient to ensure the fulfillment of these duties. Such measures, in particular, include:
1) appointment by the head of the PDPO of a person responsible for organizing the processing of Personal data.
2) publication by the PDPO of documents defining the PDPO policy regarding the processing of Personal Data, the Privacy Policy, local acts on the processing of Personal Data, defining for each purpose of processing Personal Data the categories and list of processed Personal Data, the categories of subjects whose Personal Data is processed, the methods and terms of their processing and storage, the procedure for the destruction of Personal data upon achievement of the purposes of their processing or upon the occurrence of other legal grounds, as well as local acts establishing procedures aimed at preventing and identifying violations, eliminating the consequences of such violations.
3) application of legal, organizational and technical measures to ensure the security of Personal Data.
4) implementation of internal control and (or) audit of compliance of the processing of Personal data with the legislation and regulations adopted in accordance with it, requirements for the protection of Personal data, the PDPO policy regarding the processing of personal data, the Privacy Policy, local acts of the PDPO;
5) assessment of the harm that may be caused to subjects of Personal Data in the event of a violation of the law, the relationship between this harm and the measures taken by the PDPO aimed at ensuring the fulfillment of the obligations provided for by law;
6) Familiarization of the PDPO employees directly involved in the processing of Personal Data with the requirements for the protection of Personal Data, documents defining the PDPO policy regarding the processing of personal data, the Privacy Policy, local regulations on the processing of Personal Data, and (or) training of these employees;
7) publication of the Privacy Policy on the Website to ensure unlimited access to it.
8. PERSONAL DATA PROCESSING TIMES

8.1. Processing of Personal data provided by the User on the Site is carried out within five years from the date of sending the completed form on the Site.
8.2. Unless otherwise provided by other clauses of this Privacy Policy or current Russian legislation, the condition for cessation of processing of Personal Data is the achievement of the purposes of processing Personal Data, expiration of consent or withdrawal of consent to the processing of Personal Data, identification of unlawful processing of Personal Data, receipt by the PDPO of a request to destroy Personal Data.
8.3. Transfer (distribution, provision, access) of Personal data permitted for distribution must be stopped at any time at the request of the User.
8.4. The user has the right to contact the PDPO with a request to stop the transfer (distribution, provision, access) of his Personal data previously permitted for distribution, in case of non-compliance with the provisions of the current legislation, or to make such a request to the court. PDPO is obliged to stop the transfer (distribution, provision, access) of Personal data within 3 (three) working days from the receipt of the request or within the period specified in the court decision that has entered into legal force, and if such a period is not specified in the court decision, then within 3 (three) working days from the date of entry into force of the court decision.
8.5. The user independently determines the subscription period for the newsletter and unsubscribes from the newsletter by clicking on the unsubscribe link, which is in each letter received, or by sending a free-form OOPD request to the email address mail@alprohomeexchange.com with the note “Unsubscribe from mailing list".
9. UPDATED, CORRECTED, DELETED AND DESTROYED PERSONAL DATA, ANSWERS TO USER REQUESTS FOR ACCESS TO PERSONAL DATA
9.1. If it is confirmed that the Personal Data is inaccurate or that its processing is unlawful, the Personal Data is subject to updating by the PDPO, and the processing should be stopped accordingly.
9.2. The User's personal data provided by him on the Site, which is stored by the PDPO and processed by him, can be deleted/anonymized by contacting the PDPO. To do this, you need to send a letter from the PDPO to the email address mail@alprohomeexchange.com. In this case, the User will not be able to use some functionality of the Site. The period for consideration of the request is 10 (ten) working days.
9.3. When the purposes of processing Personal Data are achieved, the PDPO stops the processing of Personal Data (or ensures its termination if the processing of Personal Data is carried out by another person acting on behalf of the PDPO) and destroys the Personal Data (or ensures their destruction if the processing of Personal Data is carried out by another person acting on on behalf of the PDPO) within a period not exceeding 30 (thirty) days from the date of achieving the purpose of processing, if:
• otherwise not provided for by the agreement to which the User is a party, beneficiary or guarantor;
• PDPO does not have the right to process Personal data without the consent of the User;
• otherwise not provided for in any other agreement between the PDPO and the User.
If it is not possible to destroy Personal Data within the period specified in this paragraph, PDPO blocks such Personal Data or ensures their blocking (if the processing of Personal Data is carried out by another person acting on behalf of PDPO) and ensures the destruction of Personal Data within a period of no more than 6 (six) months, unless another period is established by laws.
9.4. When the PDPO receives a withdrawal of consent to the processing of Personal Data, the PDPO stops the processing of Personal Data (or ensures its termination if the processing of Personal Data is carried out by another person acting on behalf of the PDPO) and in the event that the preservation of Personal Data is no longer required for the purposes of processing Personal Data, destroys Personal Data (or ensures their destruction if the processing of Personal Data is carried out by another person acting on behalf of the PDPO) within a period not exceeding 30 (thirty) days from the date of receipt of the specified review, if:
• otherwise not provided for by the agreement to which the User is a party, beneficiary or guarantor;
• PDPO does not have the right to process Personal data without the consent of the User;
• otherwise not provided for in any other agreement between the PDPO and the User.
If it is not possible to destroy Personal Data within the period specified in this paragraph, PDPO blocks such Personal Data or ensures their blocking (if the processing of Personal Data is carried out by another person acting on behalf of PDPO) and ensures the destruction of Personal Data within a period of no more than 6 (six) months, unless another period is established by laws.
9.5. In the event of receiving an application to the PDPO with a request to stop processing Personal Data, the PDPO is obliged, within a period not exceeding 10 (ten) working days from the date of receipt of the corresponding request, to stop their processing or ensure the termination of such processing (if such processing is carried out by the person processing personal data). This period may be extended, but not more than by 5 (five) working days if the PDPO sends a motivated notification to the Personal Data subject indicating the reasons for extending the period for providing the requested information. If it is not possible to destroy Personal Data within the period specified in this paragraph, PDPO blocks such Personal Data or ensures their blocking (if the processing of Personal Data is carried out by another person acting on behalf of PDPO) and ensures the destruction of Personal Data within a period of no more than 6 (six) months, unless another period is established by law.
9.6. PDPO blocks Personal data in case of detection of unlawful processing of Personal data, identification of inaccurate Personal data from the moment of application or request of the User by a legal representative or an authorized body for the protection of the rights of subjects of Personal data for the period of verification. If it is not possible to destroy Personal Data within the period specified in this paragraph, PDPO blocks such Personal Data or ensures their blocking (if the processing of Personal Data is carried out by another person acting on behalf of PDPO) and ensures the destruction of Personal Data within a period of no more than 6 (six) months, unless another period is established by law.
9.7. PDPO carries out updating, correction, clarification of Personal data within 7 (seven) working days from the date of application or request of the subject of personal data or his legal representative or an authorized body for the protection of the rights of subjects of Personal data, in case of identification of incomplete, inaccurate, irrelevant Personal data.
9.8. PDPO carries out the removal and destruction of the User's Personal Data within 7 (seven) business days from the date of application or request of the subject of personal data or his legal representative or the authorized body for the protection of the rights of subjects of Personal Data, in the event of receiving information confirming that the Personal Data is illegally obtained or not necessary for the stated purpose of processing. In this case, the PDPO notifies the subject of the Personal Data or his representative about the changes made and the measures taken and takes reasonable measures to notify third parties to whom the Personal Data of this subject have been transferred.
9.9. In case of detection of unlawful processing of Personal data carried out by PDPO or a person acting on behalf of PDPO, PDPO, within a period not exceeding 3 (three) working days from the date of this detection, is obliged to stop the unlawful processing of Personal data or ensure the cessation of unlawful processing of Personal data by the person acting on behalf of the PDPO. If it is impossible to ensure the legality of the processing of Personal Data, PDPO, within a period not exceeding 10 (ten) working days from the date of detection of unlawful processing of Personal Data, is obliged to destroy such Personal Data or ensure its destruction. The PDPO is obliged to notify the subject of Personal Data or his representative, or the authorized body for the protection of the rights of subjects of Personal Data, about the elimination of violations or the destruction of personal data.
9.10. PDPO responds to requests from Users, their representatives, the authorized body for the protection of the rights of personal data subjects regarding Personal Data within 10 (ten) business days from the date of application or receipt of the PDPO request. This period may be extended, but not more than by 5 (five) working days if the PDPO sends a motivated notification to the Personal Data subject indicating the reasons for extending the period for providing the requested information.
9.11. In case of establishing the fact of unlawful or accidental transfer (provision, distribution, access) of Personal Data, resulting in a violation of the User's rights, the PDPO is obliged, from the moment such an incident is identified, to notify the authorized body for the protection of the rights of personal data subjects:
1) within 24 (twenty-four) hours about the incident that occurred, about the alleged reasons that led to the violation of the rights of Personal Data subjects, and the alleged harm caused to the rights of Personal Data subjects, about the measures taken to eliminate the consequences of the relevant incident, as well as provide information about the person authorized PDPO for interaction with the authorized body for the protection of the rights of subjects of Personal data on issues related to the identified incident;
2) within 72 (seventy-two) hours about the results of the internal investigation of the identified incident, as well as provide information about the persons whose actions caused the identified incident (if any).
10. FINAL PROVISIONS

10.1. PDPO has the right to make any changes and additions to the Privacy Policy at any time at its discretion.
10.2. Changes and additions come into force from the moment the Privacy Policy with amendments and additions is posted on the Website. Continuing to use the Site after the publication of a new version of the Personal Data Processing Policy.
This Personal Data Processing Policy (hereinafter referred to as the Policy) applies to all information that the Site Administrator can obtain about the User while using the Site.