Personal Data Processing Policy
1. General Provisions
1.1. The Operator’s most important goal and condition for carrying out its activities is the observance of human and civil rights and freedoms when processing personal data, including the protection of the right to privacy and personal and family confidentiality.
1.2. This Policy of the Operator regarding personal data processing (hereinafter — the Policy) applies to all information that the Operator may obtain about visitors to the website healthyfarm.ru.
2. Key Terms Used in the Policy
2.1. Automated processing of personal data — processing of personal data using computer technology.
2.2. Blocking of personal data — temporary suspension of personal data processing (except where processing is necessary to clarify personal data).
2.3. Website — a set of graphic and informational materials, as well as computer programs and databases ensuring their availability on the Internet at healthyfarm.ru.
2.4. Personal data information system — a set of personal data contained in databases and information technologies and technical means ensuring their processing.
2.5. Depersonalization of personal data — actions resulting in the impossibility of determining, without additional information, whether personal data belongs to a specific User or other personal data subject.
2.6. Processing of personal data — any action (operation) or set of actions (operations) performed with or without automation tools with personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, modification), retrieval, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, and destruction of personal data.
2.7. Operator — a state authority, municipal authority, legal entity, or individual that independently or jointly with others organizes and/or carries out personal data processing and determines the purposes, scope of personal data to be processed, and actions performed with personal data.
2.8. Personal data — any information directly or indirectly related to an identified or identifiable User of the website healthyfarm.ru.
2.9. Personal data permitted for distribution — personal data made accessible to an unlimited number of persons by the personal data subject through consent for processing permitted for distribution in accordance with the Personal Data Law.
2.10. User — any visitor to the website healthyfarm.ru.
2.11. Provision of personal data — actions aimed at disclosing personal data to a specific person or a specific group of persons.
2.12. Distribution of personal data — any actions aimed at disclosing personal data to an indefinite number of persons (transfer of personal data) or making personal data accessible to an unlimited number of persons, including publication in mass media, placement in information and telecommunication networks, or otherwise providing access.
2.13. Cross-border transfer of personal data — transfer of personal data to the territory of a foreign state to a foreign public authority, foreign individual, or foreign legal entity.
2.14. Destruction of personal data — any actions resulting in the irreversible destruction of personal data without the possibility of further recovery in the personal data information system and/or destruction of physical media containing personal data.
3. Main Rights and Obligations of the Operator
3.1. The Operator has the right to:
— receive reliable information and/or documents containing personal data from the personal data subject;
— continue processing personal data without the consent of the personal data subject in cases provided for by the Personal Data Law if consent is withdrawn or a request to cease processing is received;
— independently determine the composition and list of measures necessary and sufficient to ensure compliance with the Personal Data Law unless otherwise provided by federal law.
3.2. The Operator is obliged to:
— provide the personal data subject, upon request, with information regarding the processing of their personal data;
— organize personal data processing;
— respond to requests and inquiries from personal data subjects and their legal representatives;
— provide necessary information to the authorized personal data protection authority within 10 days upon request;
— publish or otherwise ensure unrestricted access to this Policy;
— take legal, organizational, and technical measures to protect personal data from unlawful or accidental access, destruction, alteration, blocking, copying, provision, distribution, and other unlawful actions;
— cease transfer, processing, and destroy personal data in cases provided by law;
— fulfill other obligations stipulated by the Personal Data Law.
4. Main Rights and Obligations of Personal Data Subjects
4.1. Personal data subjects have the right to:
— receive information regarding the processing of their personal data, except as provided by federal law;
— request clarification, blocking, or destruction of personal data if it is incomplete, outdated, inaccurate, unlawfully obtained, or unnecessary for the stated purpose;
— require prior consent for processing for marketing purposes;
— withdraw consent and demand termination of processing;
— appeal unlawful actions or inaction of the Operator to the authorized authority or in court;
4.2. Personal data subjects are obliged to:
— provide accurate data about themselves;
— notify the Operator of updates or changes to their personal data.
5. Principles of Personal Data Processing
Processing is carried out on a lawful and fair basis; limited to specific, lawful purposes; incompatible purposes are not combined; only data relevant to the purposes is processed; accuracy and relevance are ensured; storage is limited to the period necessary to achieve processing purposes unless otherwise provided by law.
6. Purposes of Personal Data Processing
Purpose of processing:
— informing the User by sending emails;
— providing information necessary for delivery of Goods;
— formation of a customer database.
Personal data processed:
— full name;
— email address;
— phone numbers;
— delivery address.
Types of processing:
— collection, recording, systematization, accumulation, storage, destruction, depersonalization;
— sending informational emails.
7. Conditions for Processing Personal Data
Processing is carried out with consent of the subject, including publicly available personal data or data subject to mandatory publication.
8. Procedure for Collection, Storage, Transfer, and Other Types of Processing
The Operator ensures security of personal data by implementing legal, organizational, and technical measures.
— Personal data will not be transferred to third parties except as required by law or with subject consent.
— Users may update their personal data by emailing ABLFarms@gmail.com with the subject “Updating Personal Data.”
— Processing period is determined by achievement of purposes unless otherwise required by law. Upon achieving the purpose, data is destroyed within 1 calendar year unless otherwise provided by contract.
— Consent may be withdrawn by emailing ABLFarms@gmail.com with the subject “Withdrawal of Consent to Personal Data Processing.”
Information collected by third-party services (including payment systems and communication providers) is processed according to their policies. The Operator is not responsible for third-party actions.
9. List of Actions Performed with Personal Data
The Operator performs collection, recording, systematization, accumulation, storage, updating, retrieval, use, transfer, depersonalization, blocking, deletion, destruction, including automated processing with or without transfer via information and telecommunication networks.
10. Cross-Border Transfer
The Operator notifies the authorized authority before conducting cross-border transfer and obtains necessary information from foreign recipients.
11. Confidentiality
The Operator and other persons with access to personal data must not disclose or distribute personal data without subject consent unless otherwise provided by federal law.
12. Final Provisions
Users may contact the Operator at ABLFarms@gmail.com for clarifications.
The Policy is effective indefinitely until replaced by a new version.
1. General Provisions
1.1. The Operator’s most important goal and condition for carrying out its activities is the observance of human and civil rights and freedoms when processing personal data, including the protection of the right to privacy and personal and family confidentiality.
1.2. This Policy of the Operator regarding personal data processing (hereinafter — the Policy) applies to all information that the Operator may obtain about visitors to the website healthyfarm.ru.
2. Key Terms Used in the Policy
2.1. Automated processing of personal data — processing of personal data using computer technology.
2.2. Blocking of personal data — temporary suspension of personal data processing (except where processing is necessary to clarify personal data).
2.3. Website — a set of graphic and informational materials, as well as computer programs and databases ensuring their availability on the Internet at healthyfarm.ru.
2.4. Personal data information system — a set of personal data contained in databases and information technologies and technical means ensuring their processing.
2.5. Depersonalization of personal data — actions resulting in the impossibility of determining, without additional information, whether personal data belongs to a specific User or other personal data subject.
2.6. Processing of personal data — any action (operation) or set of actions (operations) performed with or without automation tools with personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, modification), retrieval, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, and destruction of personal data.
2.7. Operator — a state authority, municipal authority, legal entity, or individual that independently or jointly with others organizes and/or carries out personal data processing and determines the purposes, scope of personal data to be processed, and actions performed with personal data.
2.8. Personal data — any information directly or indirectly related to an identified or identifiable User of the website healthyfarm.ru.
2.9. Personal data permitted for distribution — personal data made accessible to an unlimited number of persons by the personal data subject through consent for processing permitted for distribution in accordance with the Personal Data Law.
2.10. User — any visitor to the website healthyfarm.ru.
2.11. Provision of personal data — actions aimed at disclosing personal data to a specific person or a specific group of persons.
2.12. Distribution of personal data — any actions aimed at disclosing personal data to an indefinite number of persons (transfer of personal data) or making personal data accessible to an unlimited number of persons, including publication in mass media, placement in information and telecommunication networks, or otherwise providing access.
2.13. Cross-border transfer of personal data — transfer of personal data to the territory of a foreign state to a foreign public authority, foreign individual, or foreign legal entity.
2.14. Destruction of personal data — any actions resulting in the irreversible destruction of personal data without the possibility of further recovery in the personal data information system and/or destruction of physical media containing personal data.
3. Main Rights and Obligations of the Operator
3.1. The Operator has the right to:
— receive reliable information and/or documents containing personal data from the personal data subject;
— continue processing personal data without the consent of the personal data subject in cases provided for by the Personal Data Law if consent is withdrawn or a request to cease processing is received;
— independently determine the composition and list of measures necessary and sufficient to ensure compliance with the Personal Data Law unless otherwise provided by federal law.
3.2. The Operator is obliged to:
— provide the personal data subject, upon request, with information regarding the processing of their personal data;
— organize personal data processing;
— respond to requests and inquiries from personal data subjects and their legal representatives;
— provide necessary information to the authorized personal data protection authority within 10 days upon request;
— publish or otherwise ensure unrestricted access to this Policy;
— take legal, organizational, and technical measures to protect personal data from unlawful or accidental access, destruction, alteration, blocking, copying, provision, distribution, and other unlawful actions;
— cease transfer, processing, and destroy personal data in cases provided by law;
— fulfill other obligations stipulated by the Personal Data Law.
4. Main Rights and Obligations of Personal Data Subjects
4.1. Personal data subjects have the right to:
— receive information regarding the processing of their personal data, except as provided by federal law;
— request clarification, blocking, or destruction of personal data if it is incomplete, outdated, inaccurate, unlawfully obtained, or unnecessary for the stated purpose;
— require prior consent for processing for marketing purposes;
— withdraw consent and demand termination of processing;
— appeal unlawful actions or inaction of the Operator to the authorized authority or in court;
4.2. Personal data subjects are obliged to:
— provide accurate data about themselves;
— notify the Operator of updates or changes to their personal data.
5. Principles of Personal Data Processing
Processing is carried out on a lawful and fair basis; limited to specific, lawful purposes; incompatible purposes are not combined; only data relevant to the purposes is processed; accuracy and relevance are ensured; storage is limited to the period necessary to achieve processing purposes unless otherwise provided by law.
6. Purposes of Personal Data Processing
Purpose of processing:
— informing the User by sending emails;
— providing information necessary for delivery of Goods;
— formation of a customer database.
Personal data processed:
— full name;
— email address;
— phone numbers;
— delivery address.
Types of processing:
— collection, recording, systematization, accumulation, storage, destruction, depersonalization;
— sending informational emails.
7. Conditions for Processing Personal Data
Processing is carried out with consent of the subject, including publicly available personal data or data subject to mandatory publication.
8. Procedure for Collection, Storage, Transfer, and Other Types of Processing
The Operator ensures security of personal data by implementing legal, organizational, and technical measures.
— Personal data will not be transferred to third parties except as required by law or with subject consent.
— Users may update their personal data by emailing ABLFarms@gmail.com with the subject “Updating Personal Data.”
— Processing period is determined by achievement of purposes unless otherwise required by law. Upon achieving the purpose, data is destroyed within 1 calendar year unless otherwise provided by contract.
— Consent may be withdrawn by emailing ABLFarms@gmail.com with the subject “Withdrawal of Consent to Personal Data Processing.”
Information collected by third-party services (including payment systems and communication providers) is processed according to their policies. The Operator is not responsible for third-party actions.
9. List of Actions Performed with Personal Data
The Operator performs collection, recording, systematization, accumulation, storage, updating, retrieval, use, transfer, depersonalization, blocking, deletion, destruction, including automated processing with or without transfer via information and telecommunication networks.
10. Cross-Border Transfer
The Operator notifies the authorized authority before conducting cross-border transfer and obtains necessary information from foreign recipients.
11. Confidentiality
The Operator and other persons with access to personal data must not disclose or distribute personal data without subject consent unless otherwise provided by federal law.
12. Final Provisions
Users may contact the Operator at ABLFarms@gmail.com for clarifications.
The Policy is effective indefinitely until replaced by a new version.
- Personal data collected via metric programs includes:
- — browser and OS information (e.g., Chrome, Safari, Windows, iOS);
- — IP address;
- — visited URLs;
- — metadata and cookie identifiers;
- — visit behavior data (time on page, navigation path);
- — user interactions (clicks, scrolling, form entries);
- — traffic source;
- — device data (screen resolution, device type, OS version);
- — search and advertising query data.
- Cookies are processed for website analytics, quality improvement, retargeting, and statistical research.
- The User consents to automated processing including collection, storage, updating, blocking, deletion, destruction.
- Consent is granted by continuing to use the Website.
- Personal data is automatically transmitted during website visits.
- Users may disable cookies in browser settings, which may affect website functionality.
- The data will be deleted automatically after 26 months.
- Consent may be withdrawn at any time by sending a written request to ABLFarms@gmail.com with the subject “Withdrawal of Consent to Personal Data Processing.” Data will be deleted within 30 business days from receipt of the request.