Privacy policy

Privacy policy, protection policy and the processing of personal data
Edition of 04 September 2019

1. Terms and definitions

Site-a set of software and hardware for computers, providing publication for public viewing of information and data, United by a common purpose, by means of technical means used for communication between computers on the Internet. The site in the Agreement means a Site located on the Internet at the address of the domain name alev-trans.ru and all nested pages.

User – the user of the Internet and, in particular, the Site

Federal law (FZ) – Federal law of 27.07.2006 No. 152 FZ "on personal data" (hereinafter – the law on personal data).

Personal data (PD) – any information relating directly or indirectly to a particular or identifiable individual (subject of personal data).

Operator – an organization that independently or jointly with other persons organizes the processing of personal data, as well as determining the purpose of processing of personal data to be processed, actions (operations) performed with personal data. The operator is LLC "ALEV-TRANS" located at the address: 143420 Moscow region, Krasnogorsk district, p / o Arkhangelsk, 4th km Ilyinsky highway, building 8

Cookies are small text files into which the browser records data from the websites you visit. Cookies allow sites to "remember" their visitors, for example, so that each time you do not ask for their username and password. They are also used to help us understand your preferences based on previous or current activity on the site and to provide you with improved services. We also use Cookies to help us collect aggregate data about site traffic and interaction so that we can offer more convenient features and tools to work with the site in the future. Including, the network address of the user device (IP address of the Internet user), information about the fact, date, time of visiting network addresses, information about the fact, date, time of visiting sites or pages of sites, user search queries, geographical address of the user's connection point, etc.

Processing of personal data – any action (operation) or a set of actions (operations) performed with the use of automation tools or without the use of such tools with personal data, including the collection, recording, systematization, accumulation, storage, clarification (update, change), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction of personal data.

Automated processing of personal data – processing of personal data by means of computer technology.

Dissemination of personal data – an action aimed at disclosure of personal data to a certain circle of persons by prior consent, in cases provided for by law.

Provision of personal data – actions aimed at disclosure of personal data to a certain person or a certain circle of persons.

Blocking of personal data – temporary termination of processing of personal data (except if processing is necessary to clarify personal data).

Destruction of personal data – actions as a result of which it becomes impossible to restore the content of personal data in the information system of personal data and/or as a result of which the material carriers of personal data are destroyed.

Depersonalization of personal data – actions, as a result of which it becomes impossible without the use of additional information to determine the identity of personal data to a particular subject of personal data.

Information system of personal data (Ispdn) – a set of personal data contained in databases and providing their processing of information technologies and technical means.

2. Generalities

2.1. The regulation on the procedure for storage and protection of personal data Of users of the Site (hereinafter-the Regulation) is designed to comply with the requirements of the legislation of the Russian Federation, containing personal data and identification of Users on the Site.

2.2. The regulation was developed in accordance with the Constitution, the Civil code of the Russian Federation, current legislation of the Russian Federation in the field of personal data protection.

2.3. The regulation establishes the procedure for processing personal data of users of the Site: actions to collect, systematize, accumulate, store, clarify (update, change), destroy personal data.

2.4. The regulation establishes mandatory for the Operator's employees involved in the maintenance of the Site, General requirements and rules for working with all types of media containing personal data of users of the Site.

2.5. The Regulation does not address the issues of ensuring the security of personal data referred to in the prescribed manner to information constituting a state secret of the Russian Federation.

2.6. The objectives of the Regulation are:

- ensuring the requirements for the protection of human and civil rights and freedoms in the processing of personal data, including the protection of the rights to privacy, personal and family secrets;

- exclusion of unauthorized actions of the Operator's employees and any third parties to collect, systematize, accumulate, store, clarify (update, change) personal data, other forms of illegal interference in information resources and local computer network of the Operator, ensuring the legal and regulatory regime of confidentiality of undocumented information Of users of the Site; protection of the constitutional rights of citizens to personal secrecy, confidentiality of information constituting personal data, and prevention of possible threats to the security Of users of the Site

2.7. Principles of personal data processing:

- processing of personal data must be carried out on a legal and fair basis;

- the processing of personal data should be limited to the achievement of specific, predetermined and legitimate goals. Processing of personal data incompatible with the purposes of personal data collection is not allowed;

- it is not allowed to combine databases containing personal data, the processing of which is carried out for purposes incompatible with each other;

- only personal data that meet the purposes of their processing are subject to processing;

- the content and volume of personal data processed must comply with the stated purposes of processing. The personal data processed shall not be excessive in relation to the stated purposes of their processing;

- when processing personal data, the accuracy of personal data, their sufficiency, and, where necessary, relevance to the purposes of personal data processing must be ensured;

- storage of personal data shall be carried out no longer than required by the purpose of processing personal data, if the period of storage of personal data is not established by Federal law, the contract to which the User is a party;

- processed personal data shall be subject to destruction or depersonalization upon achievement of the purposes of processing or in case of loss of the need to achieve these goals, unless otherwise provided by Federal law.

2.8. Terms of personal data processing.

2.8.1. Processing of personal data of Users is done on the basis of the Civil code of the Russian Federation, the Constitution, current legislation of the Russian Federation in the field of personal data protection.

2.8.2. The processing of personal data on the Site is carried out in compliance with the principles and rules provided for by the Regulations and legislation of the Russian Federation.

2.9. Purposes of processing of personal data of all users of the site:

implementation of activities stipulated by the Charter of the Operator;

- implementation of civil and legal relations with operating contractors of the Operator;

analyst actions of an individual User on the website and functioning of the site (the site collects the Cookies and the company then transfers the collected information to third parties: Google Analytics, "Yandex.Metric", Yandex.Direct, etc.);

customer feedback by exchanging short text messages in online dialogue and ensuring the functioning of the callback on the site alev-trans.ru or other form of feedback;

promotion of services, including through advertising and newsletters via e-mail and SMS-mailings, phone calls.

search for applicants for open vacant positions of the Company posted on the Company's website.

2.9.1. Purposes of processing of personal data of users of the site-Applicants:

Identification of the Applicant as a candidate for the vacant position of the Company and communication with him, according to the contacts specified by him;

Conducting a preliminary interview for employment;

The use of personal data for the purpose of possible employment in the future or for the purpose of refusing employment, or the formation of a database of potential candidates for vacant positions;

Use of personal data to request additional information about the Applicant;

Getting information from the company about available vacancies;

Consideration of the resumes sent and on the basis of the information received from applicants filled in questionnaires by applicants for vacant positions of the Company

Analyst actions of an individual User on the site and the functioning of the website (through the collection of Cookies and transfer of collected information to third parties: Google Analytics, "Yandex.Metric", Yandex.Direct, etc.);

Feedback to the Applicant by exchanging short text messages in an online dialogue and ensuring the functioning of the callback on the site alev-trans.ru;

2.10. Categories of personal data subjects.

PD of the following PD subjects are processed:

- natural persons (representatives of Customers, Suppliers and other third parties) acting on behalf of and in the interests Of companies as potential Customers/Suppliers/other third parties and current Counterparties of the Operator;

- natural persons-applicants.

2.11.Information constituting personal data on the Site is any information relating to a particular or determined on the basis of such information to an individual (subject of personal data).

2.12. Sources of personal data of Users.

2.12.1. The source of information about all personal data of the User is the User himself.

2.12.2. The source of information about the User's personal data is the information obtained as a result of the User's provision to the Operator by filling out the forms of the site.

2.12.3. Personal data of Users are classified as confidential information of limited access.

2.12.4. Confidentiality of personal data is not required in the case of depersonalization, as well as in relation to publicly available personal data.

2.12.5. The operator has no right to collect and process personal data of the User about his race, nationality, political views, religious or philosophical beliefs, private life, except as provided by applicable law.

2.12.6. The operator has no right to receive and process personal data of the User about his membership in public associations or his trade Union activity, except for the cases stipulated by the Federal law.

2.13. Methods of processing personal data.

2.13.1. Personal data Of users of the Site are processed exclusively with the use of automation tools.

2.14. Rights of subjects (Users) of personal data.

2.14.1. The user has the right to obtain information about the Operator, its location, the presence of the Operator of personal data relating to a particular subject of personal data (User), as well as to familiarize with such personal data, except for the cases provided for in part 8 of article 14 Of the law on personal data.

2.14.2. The user has the right to receive the following information from the operator upon personal appeal to Him or upon receipt by the Operator of a written request from the User concerning the processing of his personal data, including:

confirmation of the fact of processing of personal data by the Operator, as well as the purpose of such processing;

legal grounds and purposes of personal data processing;

purposes and methods of personal data processing used by the Operator;

name and location of the Operator, information about persons (except for employees of the operator) who have access to personal data or to whom personal data may be disclosed on the basis of an agreement with the Operator or on the basis of Federal law;

processed personal data relating to the relevant subject of personal data, the source of their receipt, unless another procedure for providing such data is provided by Federal law;

terms of processing of personal data, including terms of their storage;

procedure for the exercise by the subject of personal data of the rights provided by the Federal law;

information on cross-border data transfers that have taken place or are expected to take place;

name or surname, name, patronymic and address of the person processing personal data on behalf of the Operator, if the processing is entrusted or will be entrusted to such person;

other information provided by Federal law or other Federal laws;

demand changes, clarifications, destruction of information about yourself;

to appeal against illegal actions or inaction on processing of personal data and to demand corresponding compensation in court;

on addition of personal data of estimated character by the statement expressing its own point of view;

identify representatives to protect your personal data;

require the Operator to notify of any changes or exceptions made to them.

In the event of a request from the User to transfer personal data to another Operator, correct such data or provide access to them, the Operator may first request additional information to confirm the identity of the User.

2.14.3. The user has the right to appeal to the authorized body for the protection of the rights of personal data subjects or in court the actions or inaction of the operator, if he believes that the Latter processes his personal data in violation of the requirements of the Federal law "on personal data" or otherwise violates his rights and freedoms.

2.15. Duties Of The Operator.

2.15.1. Upon personal request or upon receipt of a written request of the personal data subject or his representative, the Operator, if there are grounds, shall, within 30 days from the date of the request or receipt of the request of the personal data subject or his representative, provide information to the extent prescribed by Federal law. Such information shall be provided to the personal data subject in an accessible form, and it shall not contain personal data relating to other personal data subjects, except in cases where there are legal grounds for disclosure of such personal data.

2.15.2. All applications of personal data subjects or their representatives are registered in the Register of applications of citizens (subjects of personal data) on the processing of personal data.

2.15.3. In case of refusal to provide the personal data subject or his representative with information on the availability of personal data about the relevant personal data subject, the Operator shall give in writing a reasoned response containing a reference to the provision of part 8 of article 14 of the personal data Law or other Federal law, which is the basis for such refusal, within a period not exceeding 30 days from the date of application of the personal data subject or his representative, or from the date of receipt of the request of the personal data subject or his representative.

2.15.4. In case of receiving a request from the authorized body for the protection of the rights of personal data subjects to provide information necessary for the activities of the said body, the Operator is obliged to report such information to the authorized body within 30 days from the date of receipt of such request.

2.15.5. In case of detection of unlawful processing of personal data in circulation, or at the request of the personal data subject or his representative or the authorized body for the protection of the rights of subjects of personal data the Operator is obliged to block unlawfully processed personal data relating to the data subject, since such treatment or receipt of the request for the period of check.

2.15.6. In case of detection of illegal processing of personal data carried out by the operator, the Latter within a period not exceeding three working days from the date of this detection shall be obliged to stop the illegal processing of personal data. The Operator is obliged to notify the personal data subject or his representative about the elimination of the committed violations, and if the appeal of the personal data subject or his representative or the request of the authorized body for the protection of the rights of personal data subjects were sent by the authorized body for the protection of the rights of personal data subjects, also the specified body.

2.15.7. In case of achievement of the purpose of personal data processing, the Operator is obliged to stop processing of personal data and destroy personal data within a period not exceeding 30 working days from the date of achievement of the purpose of personal data processing, unless otherwise provided by the agreement to which the subject of personal data is a party.

2.15.8. It is prohibited to make decisions on the basis of exclusively automated processing of personal data that generate legal consequences for the subject of personal data or otherwise affect his rights and legitimate interests.

2.16. Privacy policy of personal data.

2.16.1. The operator ensures confidentiality and security of personal data during their processing in accordance with the requirements of the legislation of the Russian Federation.

2.16.2. The operator does not disclose or distribute personal data to third parties without the consent of the personal data subject, unless otherwise provided by Federal law.

2.16.3. In accordance with the list of personal data processed on the site, personal data Of users of the Site are confidential information.

2.16.4. Persons processing personal data are obliged to comply with the requirements of the regulatory documents of the Operator in terms of ensuring the confidentiality and security of personal data.

3. Personal data processing

3.1. Processing of personal data is carried out:

with the consent of the personal data subject to the processing of his personal data;

in cases where the processing of personal data is necessary for the implementation and performance of the functions, powers and duties assigned by the legislation of the Russian Federation;

in cases where personal data is processed, the access of an unlimited number of persons to which is provided by the personal data subject or at his request (hereinafter-personal data made publicly available by the personal data subject).

3.2. The operator collects Personal data received from Users for different purposes. The operator provides services under the B2B system, i.e. does not receive or provide services to individuals who have not passed the state registration as entrepreneurs.

3.3.1. The list of Personal data of Users of physical persons (representatives of Clients, Suppliers and other third parties) acting on behalf of and in the interests of companies of potential Clients:

Cookies (network address of the user's device (IP address of the Internet user), information about the fact, date, time of visiting network addresses, information about the fact, date, time of visiting sites or pages of sites, user search queries, geographical address of the user's connection point, etc.);

e-mail;

phone number;

user name.

3.3.2. Personal data Of users of natural persons – applicants, consist of the following list:

FCS;

Date of birth;

Citizenship;

Marital status and family composition;

Education;

Occupation;

Employment (date of admission, date of departure, name of the organization, position);

The category and validity period of driving licence;

Passport (validity);

The validity of the Visa;

Digital cartographer card (validity period);

Work experience with category E;

Experience in international transportation;

Contact phone number;

Contact email;

Cookies (network address of the user's device (IP address of the Internet user), information about the fact, date, time of visiting network addresses, information about the fact, date, time of visiting sites or pages of sites, user search queries, geographical address of the user's connection point, etc.);

3.3. The persons having the right of access to personal data.

3.3.1. The right of access to the personal data of the subjects shall be vested in persons with the relevant powers in accordance with their official duties.

3.3.2. The list of persons with access to personal data is approved by the General Director of the Operator.

3.4. The procedure and terms of storage of personal data on the Site.

3.4.1. The operator carries out the collection, systematization, accumulation, storage (unlimited), clarification (update, change), use, transfer (provision, access), blocking, deletion, destruction of personal data of Users.

3.4.2. The terms of storage of personal data of Users are determined by the terms of the User agreement (Consent to the processing of personal data), are put into effect from the moment of acceptance (acceptance) by the User of this agreement on the Site and are valid until the User declares his desire to delete his personal data.

3.4.4. Upon expiration of the above-mentioned period of storage of personal data of the User, The user's personal data is deleted automatically by the specified algorithm, which is set by the Operator.

3.4.5. The operator does not process personal data of Users on paper.

3.5. Blocking of personal data.

3.5.1. The blocking of personal data is understood as the temporary termination by the Operator of operations on their processing at the request of the User in case of detection by him of unreliability of the processed data or illegal, in the opinion of the subject of personal data, actions concerning his data.

3.5.2. The operator may assign the collection, processing, storing personal data of Users (Customers, Suppliers, and other third parties) to third parties with the consent of the data subject, unless otherwise provided by Federal law, including (but not limited to): Cookies involving third-parties: Google Analytics and Yandex.Metric, Yandex.Direct and with the consent of the User). Personal data of Site Users (natural persons-applicants) are processed by the operator's employees (database administrators, etc.). d.) admitted by the established procedure to the processing of personal data of Users.

3.5.3. Blocking of personal data on the Site is carried out on the basis of a written application from the subject of personal data.

3.6. Destruction of personal data.

3.6.1. The destruction of personal data is understood as actions, as a result of which it becomes impossible to restore the content of personal data on the Site and/or as a result of which the material carriers of personal data are destroyed.

3.6.2. The personal data subject has the right to demand in writing the destruction of his personal data if the personal data are incomplete, outdated, unreliable, illegally obtained or are not necessary for the stated purpose of processing.

3.6.3. In case of absence of possibility of destruction of personal data the Operator carries out blocking of such personal data.

3.6.4. Destruction of personal data is carried out by erasing information using software with guaranteed destruction (in accordance with the specified characteristics for the installed software with guaranteed destruction).

4. The system of personal data protection

4.1. Measures to ensure the security of personal data during their processing.

4.1.1. When processing personal data, the operator is obliged to take the necessary legal, organizational and technical measures or ensure their adoption to protect personal data from illegal or accidental access to them, destruction, modification, blocking, copying, provision, distribution of personal data, as well as from other illegal actions in relation to personal data.

4.1.2. Ensuring the security of personal data is achieved, in particular:

- identification of threats to the security of personal data during their processing in information systems of personal data;

- application of organizational and technical measures to ensure the security of personal data during their processing in information systems of personal data necessary to meet the requirements for the protection of personal data;

- application of the means of information protection which have passed in accordance with the established procedure of conformity assessment;

- assessment of the effectiveness of measures taken to ensure the security of personal data before commissioning of the personal data information system;

- taking into account machine carriers of personal data;

- detection of unauthorized access to personal data and taking measures;

- recovery of personal data modified or destroyed due to unauthorized access to them;

- establishing rules for access to personal data processed in the personal data information system, as well as ensuring registration and accounting of all actions performed with personal data in the personal data information system;

- control over the measures taken to ensure the security of personal data and the level of protection of information systems of personal data.

4.1.3. For the purposes of regulation under the personal data security threats means the totality of conditions and factors that create the risk of unauthorized, including random, access to personal data, which may result in the destruction, alteration, blocking, copying, provision, dissemination of personal data and other misconduct during their processing in personal data information systems. The level of protection of personal data is understood as a complex indicator characterizing the requirements, the implementation of which ensures the neutralization of certain threats to the security of personal data during their processing in the information system of personal data.

4.2. Protected information about the subject of personal data.

The protected information about the subject of personal data on the Site includes data that allows you to identify the subject of personal data and/or obtain additional information about it, provided by law and Regulations.

4.3. Protected objects of personal data.

4.3.1. The protected objects of personal data on the Site include:

- objects of Informatization and technical means of automated processing of information containing personal data;

- information resources (databases, files, etc.) containing information about information and telecommunication systems in which personal data circulate, about events that occurred with managed objects, about plans to ensure uninterrupted operation and procedures for transition to emergency management;

- communication channels that are used to transmit personal data in the form of informative electrical signals and physical fields;

– removable media, the information on the magnetic, magneto-optical or other basis used for the processing of personal data.

4.3.2. Technological information about information systems and elements of the personal data protection system subject to protection includes:

- information about the access control system to the objects of Informatization, where personal data is processed;

- control information (configuration files, routing tables, security settings, etc.);

- technological information of means of access to control systems (authentication information, keys and attributes of access, etc.);

- characteristics of communication channels that are used to transmit personal data in the form of informative electrical signals and physical fields;

- information about personal data protection means, their composition and structure, principles and technical solutions of protection;

- service data (metadata) appearing during the operation of the software, messages and protocols of inter-network interaction, as a result of the processing of personal data.

4.4. Requirements to the personal data protection system.

The personal data protection system must comply with the requirements of The government decree No. 1119 of 01.11.2012 "on approval of the requirements for the protection of personal data during their processing in personal data information systems".

4.4.1. The system of personal data protection should provide:

- timely detection and prevention of unauthorized access to personal data and (or) transfer to persons who do not have the right to access such information;

- prevention of impact on the technical means of automated processing of personal data, as a result of which their functioning may be disrupted;

- the possibility of immediate recovery of personal data modified or destroyed due to unauthorized access to them;

- constant monitoring of the level of protection of personal data.

4.5. Methods and methods of information protection in personal data information systems.

4.5.1. Methods and methods of information protection in information systems of personal data of the Operator shall comply with the requirements:

- FSTEC order No. 21 dated 18.02.2013 " on approval of the Composition and content of organizational and technical measures to ensure the security of personal data during their processing in personal data information systems»;

- order of the FSB of 10.07.2014 No. 378 "on approval of the Composition and content of organizational and technical measures to ensure the security of personal data during their processing in information systems of personal data using cryptographic protection of information necessary to comply with the requirements established by the Government of the Russian Federation for the protection of personal data for each level of security" (in case the Operator determines the need to use cryptographic protection of information to ensure the security of personal data).

4.5.2. The main methods and methods of information protection in the information systems of personal data of Users are methods and methods of information protection against unauthorized, including accidental, access to personal data, which may result in the destruction, modification, blocking, copying, distribution of personal data, as well as other unauthorized actions (hereinafter-methods and methods of information protection from NSD).

4.5.3. The choice and implementation of methods and methods of information protection on the Site is carried out in accordance with the recommendations of regulators in the field of information protection – FSTEC of Russia and FSB of Russia, taking into account the threats to the security of personal data determined by the Operator (threat model) and depending on the class of the information system.

4.5.4. The chosen and implemented methods and methods of information protection on the Site should ensure the neutralization of alleged threats to the security of personal data during their processing.

4.6. Measures to protect the information constituting personal data.

4.6.1. Measures to protect databases containing personal data taken by the Operator should include:

- determination of the list of information constituting personal data;

- restriction of access to information containing personal data by establishing a procedure for handling this information and monitoring compliance with such an order.

4.6.2. Measures to protect the confidentiality of information are considered reasonably sufficient if:

- access to personal data of any third parties without the consent of the Operator is excluded;

- it is possible to use information containing personal data without violating the legislation on personal data;

– when working with the User, the Operator establishes such a procedure of actions, which ensures the safety of information containing personal data of the User.

4.6.3. Personal data may not be used for purposes contrary to the requirements of Federal law, protection of the constitutional order, morality, health, rights and lawful interests of other persons, national defense and state security.

4.7. Responsibility.

4.7.1. All employees of the Operator engaged in the processing of personal data are obliged to keep confidential information containing personal data, in accordance with the Regulations, the requirements of the legislation of the Russian Federation.

4.7.2. Persons guilty of violating the requirements of the Regulations shall be liable under the legislation of the Russian Federation.

4.7.3. The responsibility for compliance with the personal data regime in relation to personal data stored in the databases of the Site is borne by those responsible for the processing of personal data.

4.7.4. Implementation of internal control and audit.

5. Final provision

5.1. In the event of changes in the current legislation of the Russian Federation, amendments to the regulations on the protection of personal data, this Provision shall apply to the extent that it does not contradict the current legislation before bringing it into compliance with such.

5.2. The terms of this Provision shall be established, amended and cancelled by the Operator unilaterally without prior notice to the User. From the moment of posting on the Site of the new version of the Provision, the previous version is considered to be invalid. In the event of a material change in the terms of this Agreement, the Operator shall notify the Users thereof by posting a corresponding message on the Website.

5.3. If the User does not agree with the terms of this Provision, he must not provide his personal data to the Operator, and in case of need to withdraw the provided PD, immediately write a statement to the Operator at: service@alev-trans.ru, otherwise, the user's continued use of the Site means that the User agrees to the terms of this Statement.

5.4. The operator may at any time change this Policy by posting a new revisions Policy (without removing previous versions) on the website and without additional notification, provided the agreement for treatment of PD prior to introduction of the new edition of the Policy.

5.5. In the event that any provision of this Policy is found to be invalid, the Policy shall continue in effect for the remainder.

Thank you!
Your application has been successfully submitted.
Our Manager will contact you soon.
Thank you!
Your application for the position of "International Driver" has been accepted.
You are subscribed.
Thank you!
Sorry, we are improving the calculator for your convenience.
Soon everything will work!
Format: