Calculate the cost of developing your website:
Thank you for your answers. To allow me to get in touch with you, please fill out the form below.
1. General Provisions
This personal data processing policy has been prepared in accordance with the requirements of Federal Law No. 152-FZ dated July 27, 2006 “On Personal Data” (hereinafter referred to as the “Personal Data Law”) and defines the procedure for processing personal data and the measures taken by Individual Entrepreneur Diana Derivedmed (hereinafter referred to as the “Operator”) to ensure the security of personal data.
1.1.The Operator considers compliance with the rights and freedoms of individuals and citizens during the processing of personal data, including protection of the rights to privacy and personal and family confidentiality, to be its highest priority and an essential condition for carrying out its activities.
1.2.This Operator’s policy regarding the processing of personal data (hereinafter referred to as the “Policy”) applies to all information that the Operator may obtain about visitors of the website https://design-deri.com/.
2. Basic Terms Used in the Policy
2.1.Automated processing of personal data — processing of personal data using computer technology.
2.2.Blocking of personal data — temporary suspension of personal data processing (except where processing is necessary to clarify personal data).
2.3.Website — a collection of graphic and informational materials, as well as computer programs and databases, ensuring their availability on the Internet at https://design-deri.com/.
2.4.Personal data information system — a set of personal data contained in databases and the information technologies and technical means ensuring their processing.
2.5.Depersonalization of personal data — actions resulting in the impossibility of determining, without the use of additional information, the принадлежность personal data to a specific User or another subject of personal data.
2.6.Processing of personal data — any action (operation) or set of actions (operations) performed with or without the use of automation tools on personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, modification), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, and destruction of personal data.
2.7.Operator — a state authority, municipal authority, legal entity, or individual that independently or jointly with others organizes and/or carries out the processing of personal data and determines the purposes of personal data processing, the composition of personal data subject to processing, and the actions (operations) performed with personal data.
2.8.Personal data — any information relating directly or indirectly to an identified or identifiable User of the website https://design-deri.com/.
2.9.Personal data permitted for distribution by the subject of personal data — personal data to which an unlimited number of persons have been granted access by the personal data subject through consent for the processing of personal data permitted for distribution in accordance with the Personal Data Law.
2.10.User — any visitor of the website https://design-deri.com/.
2.11.Provision of personal data — actions aimed at disclosing personal data to a certain person or a certain group of persons.
2.12.Distribution of personal data — any actions aimed at disclosing personal data to an indefinite number of persons (transfer of personal data) or familiarizing an unlimited number of persons with personal data, including publication in mass media, posting in information and telecommunication networks, or providing access to personal data in any other way.
2.13.Cross-border transfer of personal data — transfer of personal data to the territory of a foreign state to a foreign governmental authority, foreign individual, or foreign legal entity.
2.14.Destruction of personal data — any actions resulting in the irreversible destruction of personal data without the possibility of further recovery of the content of personal data in the personal data information system and/or destruction of physical media containing personal data.
3. Basic Rights and Obligations of the Operator
3.1. The Operator has the right to:— receive accurate information and/or documents containing personal data from the personal data subject;
— continue processing personal data without the consent of the personal data subject in the event the subject withdraws consent or submits a request to stop processing personal data, provided there are legal grounds specified in the Personal Data Law;
— independently determine the composition and list of measures necessary and sufficient to ensure compliance with obligations stipulated by the Personal Data Law and other applicable legal acts, unless otherwise provided by law.
3.2. The Operator is obliged to:— provide the personal data subject, upon request, with information regarding the processing of their personal data;
— organize personal data processing in accordance with the current legislation of the Russian Federation;
— respond to requests and inquiries from personal data subjects and their legal representatives in accordance with the requirements of the Personal Data Law;
— provide the authorized body for the protection of personal data subjects’ rights with necessary information within 10 days from receipt of the request;
— publish or otherwise ensure unrestricted access to this Policy regarding personal data processing;
— take legal, organizational, and technical measures to protect personal data from unlawful or accidental access, destruction, modification, blocking, copying, provision, distribution, and other unlawful actions;
— stop transfer (distribution, provision, access) of personal data, stop processing, and destroy personal data in cases stipulated by the Personal Data Law;
— fulfill other obligations предусмотренные applicable legislation
4. Basic Rights and Obligations of Personal Data Subjects
4.1. Personal data subjects have the right to:— receive information regarding the processing of their personal data, except in cases provided by federal laws;
— require clarification, blocking, or destruction of their personal data if such data is incomplete, outdated, inaccurate, unlawfully obtained, or unnecessary for the stated processing purpose;
— require prior consent for processing personal data for marketing purposes;
— withdraw consent to personal data processing and request termination of processing;
— appeal unlawful actions or inaction of the Operator to the authorized body or in court;
— exercise other rights provided by the legislation of the Russian Federation.
4.2. Personal data subjects are obliged to:— provide accurate personal data;
— inform the Operator about updates or changes to their personal data.
4.3.Persons who provide false information about themselves or another personal data subject without consent bear responsibility in accordance with the legislation of the Russian Federation.
5. Principles of Personal Data Processing
5.1.Personal data processing is carried out on a lawful and fair basis.
5.2.Processing is limited to achieving specific, predetermined, and legitimate purposes.
5.3.Combining databases containing personal data processed for incompatible purposes is not allowed.
5.4.Only personal data relevant to processing purposes shall be processed.
5.5.The content and scope of processed personal data correspond to the stated purposes.
5.6.Accuracy, sufficiency, and relevance of personal data are ensured.
5.7.Personal data shall be stored no longer than required for processing purposes unless otherwise provided by federal law or agreement.
6. Purposes of Personal Data Processing
7. Conditions for Pesonal Data Processing
7.1.Processing is carried out with the consent of the personal data subject.
7.2.Processing is necessary for purposes established by international treaties or laws of the Russian Federation.
7.3.Processing is necessary for administration of justice or execution of judicial acts.
7.4.Processing is necessary for execution of contracts involving the personal data subject.
7.5.Processing is necessary for exercising rights and legitimate interests of the Operator or third parties.
7.6.Processing of publicly available personal data is permitted.
7.7.Processing of personal data subject to mandatory publication or dsclosure is permitted.
8. Procedure for Collection, Storage, Transfer, and Other Types of Prsonal Data Processing
The security of personal data processed by the Operator is ensured through legal, organizational, and technical measures required under applicable law.
8.1.The Operator ensures the safety of personal data and prevents unauthorized access.
8.2.Personal data will never be transferred to third parties except as required by law or with the consent of the personal data subject.
8.3.Users may update their personal data by sending a request to diana@design-deri.com marked “Personal Data Update”.
8.4.Users may withdraw consent by emailing diana@design-deri.com marked “Withdrawal of Consent for Personal Data Processing”.
8.5.Third-party services process data in accordance with their own privacy policies. The Operator is not responsible for their actions.
8.6.Restrictions established by the personal data subject regarding distribution of personal data do not apply in cases provided by law.
8.7.The Operator ensures confidentiality of personal data.
8.8.Personal data is stored no longer than required for processing purposes.
8.9.Processing may cease upon achievement of purposes, expiration of consent, withdrawal of consent, or detection of unlawful processing.
9. List of Actions Performed by the Operator with Personal Data
9.1.The Operator performs collection, recording, systematization, accumulation, storage, updating, extraction, use, transfer, depersonalization, blocking, deletion, and destruction of personal data.
9.2.The Operator performs automated processing of personal data with or without transmission via information and telecommunication networks.
10. Cross-Border Transfer of Personal Data
10.1.Before carrying out cross-border transfer of personal data, the Operator shall notify the authorized body for the protection of personal data subjects’ rights.
10.2.Before submitting such notification, the Operator must obtain necessary information from foreign authorities, individuals, or legal entities involved in the transfer.
11. Confidentiality of Personal DataThe Operator and other persons who obtained access to personal data are obliged not to disclose or distribute personal data without consent of the personal data subject unless otherwise provided by federal law.
12. Final Provisions
12.1.Users may obtain clarification regarding personal data processing by contacting diana@design-deri.com.
12.2.Any changes to this Policy will be reflected in this document. The Policy remains valid indefinitely until replaced by a new version.
12.3.The current version of the Policy is publicly available at:
https://design-deri.com/eng/privacy-policy
This personal data processing policy has been prepared in accordance with the requirements of Federal Law No. 152-FZ dated July 27, 2006 “On Personal Data” (hereinafter referred to as the “Personal Data Law”) and defines the procedure for processing personal data and the measures taken by Individual Entrepreneur Diana Derivedmed (hereinafter referred to as the “Operator”) to ensure the security of personal data.
1.1.The Operator considers compliance with the rights and freedoms of individuals and citizens during the processing of personal data, including protection of the rights to privacy and personal and family confidentiality, to be its highest priority and an essential condition for carrying out its activities.
1.2.This Operator’s policy regarding the processing of personal data (hereinafter referred to as the “Policy”) applies to all information that the Operator may obtain about visitors of the website https://design-deri.com/.
2. Basic Terms Used in the Policy
2.1.Automated processing of personal data — processing of personal data using computer technology.
2.2.Blocking of personal data — temporary suspension of personal data processing (except where processing is necessary to clarify personal data).
2.3.Website — a collection of graphic and informational materials, as well as computer programs and databases, ensuring their availability on the Internet at https://design-deri.com/.
2.4.Personal data information system — a set of personal data contained in databases and the information technologies and technical means ensuring their processing.
2.5.Depersonalization of personal data — actions resulting in the impossibility of determining, without the use of additional information, the принадлежность personal data to a specific User or another subject of personal data.
2.6.Processing of personal data — any action (operation) or set of actions (operations) performed with or without the use of automation tools on personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, modification), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, and destruction of personal data.
2.7.Operator — a state authority, municipal authority, legal entity, or individual that independently or jointly with others organizes and/or carries out the processing of personal data and determines the purposes of personal data processing, the composition of personal data subject to processing, and the actions (operations) performed with personal data.
2.8.Personal data — any information relating directly or indirectly to an identified or identifiable User of the website https://design-deri.com/.
2.9.Personal data permitted for distribution by the subject of personal data — personal data to which an unlimited number of persons have been granted access by the personal data subject through consent for the processing of personal data permitted for distribution in accordance with the Personal Data Law.
2.10.User — any visitor of the website https://design-deri.com/.
2.11.Provision of personal data — actions aimed at disclosing personal data to a certain person or a certain group of persons.
2.12.Distribution of personal data — any actions aimed at disclosing personal data to an indefinite number of persons (transfer of personal data) or familiarizing an unlimited number of persons with personal data, including publication in mass media, posting in information and telecommunication networks, or providing access to personal data in any other way.
2.13.Cross-border transfer of personal data — transfer of personal data to the territory of a foreign state to a foreign governmental authority, foreign individual, or foreign legal entity.
2.14.Destruction of personal data — any actions resulting in the irreversible destruction of personal data without the possibility of further recovery of the content of personal data in the personal data information system and/or destruction of physical media containing personal data.
3. Basic Rights and Obligations of the Operator
3.1. The Operator has the right to:— receive accurate information and/or documents containing personal data from the personal data subject;
— continue processing personal data without the consent of the personal data subject in the event the subject withdraws consent or submits a request to stop processing personal data, provided there are legal grounds specified in the Personal Data Law;
— independently determine the composition and list of measures necessary and sufficient to ensure compliance with obligations stipulated by the Personal Data Law and other applicable legal acts, unless otherwise provided by law.
3.2. The Operator is obliged to:— provide the personal data subject, upon request, with information regarding the processing of their personal data;
— organize personal data processing in accordance with the current legislation of the Russian Federation;
— respond to requests and inquiries from personal data subjects and their legal representatives in accordance with the requirements of the Personal Data Law;
— provide the authorized body for the protection of personal data subjects’ rights with necessary information within 10 days from receipt of the request;
— publish or otherwise ensure unrestricted access to this Policy regarding personal data processing;
— take legal, organizational, and technical measures to protect personal data from unlawful or accidental access, destruction, modification, blocking, copying, provision, distribution, and other unlawful actions;
— stop transfer (distribution, provision, access) of personal data, stop processing, and destroy personal data in cases stipulated by the Personal Data Law;
— fulfill other obligations предусмотренные applicable legislation
4. Basic Rights and Obligations of Personal Data Subjects
4.1. Personal data subjects have the right to:— receive information regarding the processing of their personal data, except in cases provided by federal laws;
— require clarification, blocking, or destruction of their personal data if such data is incomplete, outdated, inaccurate, unlawfully obtained, or unnecessary for the stated processing purpose;
— require prior consent for processing personal data for marketing purposes;
— withdraw consent to personal data processing and request termination of processing;
— appeal unlawful actions or inaction of the Operator to the authorized body or in court;
— exercise other rights provided by the legislation of the Russian Federation.
4.2. Personal data subjects are obliged to:— provide accurate personal data;
— inform the Operator about updates or changes to their personal data.
4.3.Persons who provide false information about themselves or another personal data subject without consent bear responsibility in accordance with the legislation of the Russian Federation.
5. Principles of Personal Data Processing
5.1.Personal data processing is carried out on a lawful and fair basis.
5.2.Processing is limited to achieving specific, predetermined, and legitimate purposes.
5.3.Combining databases containing personal data processed for incompatible purposes is not allowed.
5.4.Only personal data relevant to processing purposes shall be processed.
5.5.The content and scope of processed personal data correspond to the stated purposes.
5.6.Accuracy, sufficiency, and relevance of personal data are ensured.
5.7.Personal data shall be stored no longer than required for processing purposes unless otherwise provided by federal law or agreement.
6. Purposes of Personal Data Processing
Purpose of processing | Informing the User via email notifications |
Personal dat | last name, first name, patronymic; email address; phone number |
Legal basis | the Operator’s charter (constituent) documents |
Types of personal data processins | Sending informational emails to the email address |
7. Conditions for Pesonal Data Processing
7.1.Processing is carried out with the consent of the personal data subject.
7.2.Processing is necessary for purposes established by international treaties or laws of the Russian Federation.
7.3.Processing is necessary for administration of justice or execution of judicial acts.
7.4.Processing is necessary for execution of contracts involving the personal data subject.
7.5.Processing is necessary for exercising rights and legitimate interests of the Operator or third parties.
7.6.Processing of publicly available personal data is permitted.
7.7.Processing of personal data subject to mandatory publication or dsclosure is permitted.
8. Procedure for Collection, Storage, Transfer, and Other Types of Prsonal Data Processing
The security of personal data processed by the Operator is ensured through legal, organizational, and technical measures required under applicable law.
8.1.The Operator ensures the safety of personal data and prevents unauthorized access.
8.2.Personal data will never be transferred to third parties except as required by law or with the consent of the personal data subject.
8.3.Users may update their personal data by sending a request to diana@design-deri.com marked “Personal Data Update”.
8.4.Users may withdraw consent by emailing diana@design-deri.com marked “Withdrawal of Consent for Personal Data Processing”.
8.5.Third-party services process data in accordance with their own privacy policies. The Operator is not responsible for their actions.
8.6.Restrictions established by the personal data subject regarding distribution of personal data do not apply in cases provided by law.
8.7.The Operator ensures confidentiality of personal data.
8.8.Personal data is stored no longer than required for processing purposes.
8.9.Processing may cease upon achievement of purposes, expiration of consent, withdrawal of consent, or detection of unlawful processing.
9. List of Actions Performed by the Operator with Personal Data
9.1.The Operator performs collection, recording, systematization, accumulation, storage, updating, extraction, use, transfer, depersonalization, blocking, deletion, and destruction of personal data.
9.2.The Operator performs automated processing of personal data with or without transmission via information and telecommunication networks.
10. Cross-Border Transfer of Personal Data
10.1.Before carrying out cross-border transfer of personal data, the Operator shall notify the authorized body for the protection of personal data subjects’ rights.
10.2.Before submitting such notification, the Operator must obtain necessary information from foreign authorities, individuals, or legal entities involved in the transfer.
11. Confidentiality of Personal DataThe Operator and other persons who obtained access to personal data are obliged not to disclose or distribute personal data without consent of the personal data subject unless otherwise provided by federal law.
12. Final Provisions
12.1.Users may obtain clarification regarding personal data processing by contacting diana@design-deri.com.
12.2.Any changes to this Policy will be reflected in this document. The Policy remains valid indefinitely until replaced by a new version.
12.3.The current version of the Policy is publicly available at:
https://design-deri.com/eng/privacy-policy
ИП Дериведмедь Диана
©2018-2025 all rights reserved
©2018-2025 all rights reserved
Sole Proprietor Diana Derivedmed