Access confirmation to recordings:
Enter your e-mail and registration password
by filling out the form, you agree with the participation rules and with the personal data processing
Participation rules for webinars and online broadcasts of the course
1. General conditions
1.1. You cannot distribute access, we can block the participant without a refund.
1.2. The number of connected devices is limited. Signing in in a new browser or in incognito mode (hidden browser mode) is treated as signing in on a new device.
1.3. If the maximum number of connected devices is exceeded, access can be automatically blocked.
1.4. Logging in from a second device will automatically end the session on the previous device. Then you can re-authorize on any of the devices. Those. only 1 active authorization is allowed at a moment.
2. On certain courses, we may apply automatic blocking of access for participants who have not yet completed the student's questionnaire.
3. If you do not agree with the rules for participation, close the webinar room page, broadcast page, and class recording page. Do not use the services provided if you disagree with the rules and requirements for course participants.
Personal Data Processing Policy
1. General provisions
1.1. Norbekov Center's Personal Data Processing Policy (hereinafter referred to as "Policy") stipulates the basic principles, objectives, conditions and methods for personal data processing, lists of data subjects and personal data processed in Norbekov Center, Norbekov Center's functions while processing personal data, rights of data subjects, as well as Norbekov Center's requirements to the personal data protection.
1.2. The Policy is developed based on the requirements of the Constitution of the Russian Federation, legislative and other statutory acts of the Russian Federation related to personal data.
1.3. The Policy provisions serve as the basis for developing corporate statutory acts, which stipulate processing personal data of Norbekov Center's employees and other data subjects.
1.4. The Policy provisions serve as the basis for developing corporate statutory acts by Norbekov Center's subsidiaries and entities stipulating personal data processing in the abovementioned entities.
2. Legislative and other statutory acts of Russian Federation stipulating Norbekov Center's Personal Data Processing Policy
2.1. Norbekov Center's Personal Data Processing Policy is based on the following statutory acts:
The Labor Code of the Russian Federation;
The Federal Law No. 152-FZ 'On Personal Data', dated July 27, 2006;
The Decree of the Russian President No. 188 'On Approving the List of Confidential Data', dated March 6, 1997;
The Russian Federation Government Resolution No. 687 'On Approving the Provision Regarding Properties of Personal Data Processing without Software', dated September 15, 2008;
The Russian Federation Government Resolution No. 512 'On Approving the Requirements to Biometric Personal Data Tangible Carrier and Such Data Storage Beyond Personal Data Information Systems', dated July 6, 2008;
The Russian Federation Government Regulation No. 1119 'On Approving the Requirements to the Personal Data Protection While Processing in Personal Data Information Systems', dated November 1, 2012;
The Order of FSTEC of Russia No. 55, FSB of Russia No. 86, the Ministry of Information Technologies and Communications of Russia No. 20 'On Approving the Procedure for Classifying Personal Data Information Systems', dated February 13, 2008;
The Order of FSTEC of Russia No. 21 'On Approving the List and Scope of Planning and Technical Activities for Protection of Personal Data While Processing via Personal Data Information Systems', dated February 18, 2013;
The Order of the Russian Federal Service for Supervision in the Sphere of Telecom, Information Technologies and Mass Communications No. 996 'On Approving the Requirements and Methods for Depersonalizing Personal Data', dated September 5, 2013;
other statutory acts of the Russian Federation and legal documents of authorized government bodies.
2.2. With a view to implement the Policy provisions, Norbekov Center develops relevant corporate statutory acts and other documents, including:
provision on personal data processing in Norbekov Center;
provision on the personal data protection while processing via personal data information systems in Norbekov Center, its subsidiaries and entities;
list of positions provided for structural units of Norbekov Center's administration, its branches and representative offices and subjects to personal data processing in case of substitution;
procedures for personal data processing in the structural units of Norbekov Center's administration, its branches and representative offices;
other corporate statutory acts and documents related to personal data processing in Norbekov Center.
3. Basic terms and definitions used in corporate statutory acts of Norbekov Center related to personal data processing
Personal data – any information related to directly or indirectly specified natural person (data subject).
Information – details (reports, data) regardless their presentation form.
Operator – state authority, municipal authority, legal or private person, who severally or jointly arranges and/or performs personal data processing, as well as defines the aims of personal data processing, the volume of personal data subject to processing and personal data handling.
Personal data processing – any action or a series of actions performed towards personal data with or without the software, including the personal data acquisition, recording, systematization, accumulation, storage, update and alteration, extraction, use, transfer (distribution, presentation, providing access), depersonalization, blocking, deleting and annihilation.
Automated personal data processing – personal data processing via PC software.
Personal data presentation – personal data disclosure to particular person or certain group of persons.
Personal data distribution – personal data disclosure to uncertain group of persons.
Trans-border transfer of personal data – personal data transfer to a foreign country, foreign government body and foreign natural or legal person.
Personal data blocking – temporary interruption of personal data processing (except where processing is required for personal data update or alteration).
Personal data annihilation – actions making it impossible to restore personal data volume in the personal data information system and/or resulting in the elimination of tangible personal data carriers.
Personal data depersonalization – actions making it impossible to identify personal data as related to a certain data subject without involving an additional information.
Personal data information system – a set of personal data included into personal data databases, as well as the software and tools used for their processing.
4. Principles and purposes for personal data processing
4.1. Norbekov Center in its capacity as a personal data operator performs personal data processing for the employees of Norbekov Center and other data subjects not employed by Norbekov Center.
4.2. Norbekov Center performs data processing with due diligence to the protection of rights and freedoms of Norbekov Center's employees as well as other data subjects, including the protection of privacy right, personal and family secrets, based on the following principles:
personal data processing in Norbekov Center is performed on a legitimate equitable basis;
personal data processing is limited to reaching specific predetermined legitimate aims;
personal data processing incompatible with the purposes of personal data acquisition is not allowed;
combining databases that contain personal data processed for the purposes incompatible with each other is not allowed;
personal data meeting the purposes of their processing may only be processed;
scope and amount of personal data comply with the stated purposes of processing. The personal data redundancy in relation to the stated purposes is not allowed;
while processing personal data, accuracy, adequacy and actuality (if necessary) of personal data are provided in relation to the purposes of personal data processing. Norbekov Center makes all reasonable efforts to delete or adjust incomplete or inaccurate personal data;
personal data are stored in the form that enables to define the data subject no longer than it's required for the purposes of personal data processing, in case the personal data retention period is not set by a federal law or an agreement under which the data subject acts as a party, beneficiary or guarantor;
personal data under processing are deleted or depersonalized once the purposes of processing are achieved or in case achieving these purposes is not required anymore, unless otherwise provided by a federal law.
4.3. Norbekov Center processes personal data for the purpose of:
complying with the Constitution of the Russian Federation, legislative and other statutory acts of the Russian Federation and corporate statutory acts of Norbekov Center;
exercising functions, powers and requirements imposed upon Norbekov Center by the Government of the Russian Federation, including the personal data presentation to the government bodies, the Pension Fund of the Russian Federation, the Social Insurance Fund of the Russian Federation, Federal Mandatory Medical Insurance Fund of the Russian Federation, and other state bodies;
regulating the employment relationships with Norbekov Center's employees (promotion of employment, training and career advancement, personal security, control over the scope and quality of the work done, safekeeping of property);
providing Norbekov Center's employees and their families with additional guarantees and remunerations, including non-governmental pension coverage, voluntary health insurance, medical service and other kinds of social security;
protecting lives, health or other vital interests of personal data subjects;
developing, signing, executing and terminating agreements with counterparties;
arranging access procedures and in-house schedule at Norbekov Center's facilities;
developing reference materials for in-house information support of the activities of Norbekov Center, its branches and representative offices, as well as Norbekov Center's subsidiaries and entities;
executing court decisions, other bodies and authorities acts subject to execution in compliance with the Enforcement Law of the Russian Federation;
exercising rights and legal interests of Norbekov Center while carrying out activities stipulated by Norbekov Center's Articles of Association and other corporate statutory acts of Norbekov Center or third parties or with a view to achieve socially desirable purposes;
other legitimate purposes.
5. List of data subjects, which have their personal data processed at Norbekov Center
5.1. Norbekov Center provides processing personal data of the following data subjects:
employees of the structural units of Norbekov Center's administration, its branches and representative offices;
employees of Norbekov Center's subsidiaries and entities;
other personal data subjects (with a view to achieve the processing purposes stated in Section 4 of the Policy).
6. List of personal data processed at Norbekov Center
6.1. The list of personal data processed at Norbekov Center is stipulated by the Law of the Russian Federation and corporate statutory acts considering the personal data processing purposes stated in Section 4 of the Policy).
6.2. Special personal data categories concerning race and national identity, political commitment, religious or philosophic views and private life are not subject to processing at Norbekov Center.
7. Functions of Norbekov Center in personal data processing
7.1. While processing personal data, Norbekov Center:
takes relevant measures to ensure compliance with the Law of the Russian Federation and corporate statutory acts related to personal data;
establishes legal, planning and technical procedures to protect personal data against illegal or accidental access, annihilation, alteration, blocking, copying, presentation, distribution, as well as against other misconduct in relation to personal data;
appoints a party responsible for the arrangement of personal data processing at Norbekov Center;
issues corporate statutory acts stipulating the policy and personal data processing and protection procedures at Norbekov Center;
familiarizes the employees of Norbekov Center, its branches and representative offices directly involved in personal data processing with the provisions of the Law of the Russian Federation and corporate statutory acts of Norbekov Center related to personal data, including the requirements to the personal data protection, as well as provides for certain employees training;
publishes or otherwise provides unlimited access to this Policy;
informs personal data subjects or their representatives in due course of the available data related to the relevant subjects, provides the representation of these personal data upon notification and/or request of the mentioned data subjects or their representatives, unless otherwise provided by the Law of the Russian Federation;
terminates the processing and annihilates personal data as stipulated by the Law of the Russian Federation related to personal data;
performs other activities stipulated by the Law of the Russian Federation related to personal data.
8. Conditions of personal data processing at Norbekov Center
8.1. Personal data is processed at Norbekov Center with consent of a data subject to have his/her personal data processed, unless otherwise is provided by the Law of the Russian Federation related to personal data.
8.2. Norbekov Center shall not disclose or distribute personal data to third parties without consent of the data subject, unless otherwise is provided by the Law of the Russian Federation.
8.3. Norbekov Center is entitled to entrust personal data processing to a third party with the data subject consent and upon an agreement with such a third party. An agreement shall provide for the list of personal data operations to be accomplished by a person in charge for the data processing, processing purposes, liabilities of such a person to keep personal data confidential and protected in course of processing, as well as requirements to the processed personal data protection as per Article 19 of the Federal Act On Personal Data.
8.4. For the purpose of in-house data support Norbekov Center is entitled to develop reference documents, which provide (upon written consent of the relevant data subject) the subject name, family name, occupation, position, date of birth, address, subscriber number, e-mail address, other personal data presented by the relevant data person, unless otherwise is provided by the Law of the Russian Federation.
8.5. Access to personal data processed in Norbekov Center is only allowed to Norbekov Center's employees covered by the list of positions for structural units of Norbekov Center's administration, its branches and representative offices, substitution of which is subject to personal data processing.
9. Actions with personal data and ways of its processing
9.1. Norbekov Center provides for acquisition, logging, ranging, accumulation, storage, update and alteration, extraction, application, transfer (distribution, representation, and access), depersonalization, blocking, deletion and annihilation of personal data.
9.2. Personal data processing in Norbekov Center is provided in the following ways:
manual personal data processing;
automated personal data processing with further transfer of received information via communication networks or otherwise;
combined personal data processing.
10. Rights of personal data subjects
10.1. Data subjects are entitled for:
completing information on their personal data under processing in Norbekov Center;
accessing to their personal data, including copies of any records which contain their personal data, unless otherwise is provided by the Federal Law, as well as access to related health care information at their option under the medical expert supervision;
adjusting their personal data, as well as data blocking or annihilation in case of personal data are incomplete, outdated, inaccurate, illegally obtained or inessential for processing purpose declared;
revoking the consent given for personal data processing;
taking statutory actions to protect their rights;
appealing against Norbekov Center's action or inaction infringing the requirements of the Law of the Russian Federation related to personal data to the body authorized for the protection of data subject rights or to the court;
exercising other rights provided for by the Law of Russian Federation.
11. Actions taken by Norbekov Center to ensure proper personal data processing
11.1. Actions, essential and sufficient to ensure proper personal data processing by Norbekov Center in accordance with the Law of the Russian Federation related to personal data, are as following:
appointing a person in charge for the arrangement of personal data processing in Norbekov Center;
adopting corporate statutory acts and other regulations related to personal data processing and protection;
arranging the training for the employees of structural units of Norbekov Center's administration, its branches and representative offices, which occupy the positions covered by the list of positions for structural units of Norbekov Center's administration, its branches and representative offices, substitution of which is subject to personal data processing;
carrying consents of data subjects to their personal data processing, unless otherwise is provided by the Law of the Russian Federation;
isolating personal data processed manually from other data, including their storage at the separate personal data carriers and/or within separate sections;
ensuring the separate storage of personal data processed for different purposes and comprising different personal data categories;
prohibiting the personal data transfer via open communication channels, computation networks beyond control, Norbekov Center's Unified Internal System for Data Transfer and Internet without taking measures on the personal data protection set by Norbekov Center (excluding public and/or depersonalized personal data);
storing tangible personal data carriers that ensures the personal data safety and prevents unauthorized access to them;
exercising in-house control over the compliance of personal data processing with the Federal Law 'On Personal Data' and relevant statutory acts, personal data protection requirements, the Policy and Norbekov Center's corporate statutory acts;
other actions provided by the Law of the Russian Federation related to personal data.
11.2. Actions, providing the personal data protection while processing them by means of personal data information systems, shall correspond to Norbekov Center's corporate statutory acts, which stipulate the personal data protection measures while processing them by means of personal data information systems.
12. Control over compliance with Law of Russian Federation and Norbekov Center's corporate statutory acts related to personal data, including personal data protection requirements
12.1. Control over the adherence of structural units of Norbekov Center's administration, its branches and representative offices to the Law of the Russian Federation and corporate statutory acts of Norbekov Center related to personal data, including the personal data protection requirements, is aimed at ensuring the compliance of personal data processing by structural units of Norbekov Center's administration, its branches and representative offices to the Law of the Russian Federation and corporate statutory acts of Norbekov Center related to personal data, including the personal data protection requirements, as well as to measures aimed at prevention and identification of infringements of the Law of the Russian Federation related to personal data, identification of potential channels for the leakage of and the unauthorized access to personal data and the removal of consequences of such infringements.
12.2. In-house control over the adherence of structural units of Norbekov Center's administration, its branches and representative offices to the Law of the Russian Federation and corporate statutory acts of Norbekov Center related to personal data, including the personal data protection requirements, is exercised by a person in charge for the arrangement of personal data processing in Norbekov Center.
12.3. In-house control over the compliance of personal data processing to the Federal Law 'On Personal Data' and relevant statutory acts, the personal data protection requirements, the Policy and Norbekov Center's corporate statutory acts is exercised by the Corporate Protection Service of Norbekov Center.
12.4. Personal liability for the adherence of a structural unit of Norbekov Center's administration, its branch and representative office to the Law of the Russian Federation and corporate statutory acts of Norbekov Center related to personal data, as well as for ensuring the personal data confidentiality and safety within the mentioned divisions of Norbekov Center is imposed upon their executives.
1.1. Norbekov Center's Personal Data Processing Policy (hereinafter referred to as "Policy") stipulates the basic principles, objectives, conditions and methods for personal data processing, lists of data subjects and personal data processed in Norbekov Center, Norbekov Center's functions while processing personal data, rights of data subjects, as well as Norbekov Center's requirements to the personal data protection.
1.2. The Policy is developed based on the requirements of the Constitution of the Russian Federation, legislative and other statutory acts of the Russian Federation related to personal data.
1.3. The Policy provisions serve as the basis for developing corporate statutory acts, which stipulate processing personal data of Norbekov Center's employees and other data subjects.
1.4. The Policy provisions serve as the basis for developing corporate statutory acts by Norbekov Center's subsidiaries and entities stipulating personal data processing in the abovementioned entities.
2. Legislative and other statutory acts of Russian Federation stipulating Norbekov Center's Personal Data Processing Policy
2.1. Norbekov Center's Personal Data Processing Policy is based on the following statutory acts:
The Labor Code of the Russian Federation;
The Federal Law No. 152-FZ 'On Personal Data', dated July 27, 2006;
The Decree of the Russian President No. 188 'On Approving the List of Confidential Data', dated March 6, 1997;
The Russian Federation Government Resolution No. 687 'On Approving the Provision Regarding Properties of Personal Data Processing without Software', dated September 15, 2008;
The Russian Federation Government Resolution No. 512 'On Approving the Requirements to Biometric Personal Data Tangible Carrier and Such Data Storage Beyond Personal Data Information Systems', dated July 6, 2008;
The Russian Federation Government Regulation No. 1119 'On Approving the Requirements to the Personal Data Protection While Processing in Personal Data Information Systems', dated November 1, 2012;
The Order of FSTEC of Russia No. 55, FSB of Russia No. 86, the Ministry of Information Technologies and Communications of Russia No. 20 'On Approving the Procedure for Classifying Personal Data Information Systems', dated February 13, 2008;
The Order of FSTEC of Russia No. 21 'On Approving the List and Scope of Planning and Technical Activities for Protection of Personal Data While Processing via Personal Data Information Systems', dated February 18, 2013;
The Order of the Russian Federal Service for Supervision in the Sphere of Telecom, Information Technologies and Mass Communications No. 996 'On Approving the Requirements and Methods for Depersonalizing Personal Data', dated September 5, 2013;
other statutory acts of the Russian Federation and legal documents of authorized government bodies.
2.2. With a view to implement the Policy provisions, Norbekov Center develops relevant corporate statutory acts and other documents, including:
provision on personal data processing in Norbekov Center;
provision on the personal data protection while processing via personal data information systems in Norbekov Center, its subsidiaries and entities;
list of positions provided for structural units of Norbekov Center's administration, its branches and representative offices and subjects to personal data processing in case of substitution;
procedures for personal data processing in the structural units of Norbekov Center's administration, its branches and representative offices;
other corporate statutory acts and documents related to personal data processing in Norbekov Center.
3. Basic terms and definitions used in corporate statutory acts of Norbekov Center related to personal data processing
Personal data – any information related to directly or indirectly specified natural person (data subject).
Information – details (reports, data) regardless their presentation form.
Operator – state authority, municipal authority, legal or private person, who severally or jointly arranges and/or performs personal data processing, as well as defines the aims of personal data processing, the volume of personal data subject to processing and personal data handling.
Personal data processing – any action or a series of actions performed towards personal data with or without the software, including the personal data acquisition, recording, systematization, accumulation, storage, update and alteration, extraction, use, transfer (distribution, presentation, providing access), depersonalization, blocking, deleting and annihilation.
Automated personal data processing – personal data processing via PC software.
Personal data presentation – personal data disclosure to particular person or certain group of persons.
Personal data distribution – personal data disclosure to uncertain group of persons.
Trans-border transfer of personal data – personal data transfer to a foreign country, foreign government body and foreign natural or legal person.
Personal data blocking – temporary interruption of personal data processing (except where processing is required for personal data update or alteration).
Personal data annihilation – actions making it impossible to restore personal data volume in the personal data information system and/or resulting in the elimination of tangible personal data carriers.
Personal data depersonalization – actions making it impossible to identify personal data as related to a certain data subject without involving an additional information.
Personal data information system – a set of personal data included into personal data databases, as well as the software and tools used for their processing.
4. Principles and purposes for personal data processing
4.1. Norbekov Center in its capacity as a personal data operator performs personal data processing for the employees of Norbekov Center and other data subjects not employed by Norbekov Center.
4.2. Norbekov Center performs data processing with due diligence to the protection of rights and freedoms of Norbekov Center's employees as well as other data subjects, including the protection of privacy right, personal and family secrets, based on the following principles:
personal data processing in Norbekov Center is performed on a legitimate equitable basis;
personal data processing is limited to reaching specific predetermined legitimate aims;
personal data processing incompatible with the purposes of personal data acquisition is not allowed;
combining databases that contain personal data processed for the purposes incompatible with each other is not allowed;
personal data meeting the purposes of their processing may only be processed;
scope and amount of personal data comply with the stated purposes of processing. The personal data redundancy in relation to the stated purposes is not allowed;
while processing personal data, accuracy, adequacy and actuality (if necessary) of personal data are provided in relation to the purposes of personal data processing. Norbekov Center makes all reasonable efforts to delete or adjust incomplete or inaccurate personal data;
personal data are stored in the form that enables to define the data subject no longer than it's required for the purposes of personal data processing, in case the personal data retention period is not set by a federal law or an agreement under which the data subject acts as a party, beneficiary or guarantor;
personal data under processing are deleted or depersonalized once the purposes of processing are achieved or in case achieving these purposes is not required anymore, unless otherwise provided by a federal law.
4.3. Norbekov Center processes personal data for the purpose of:
complying with the Constitution of the Russian Federation, legislative and other statutory acts of the Russian Federation and corporate statutory acts of Norbekov Center;
exercising functions, powers and requirements imposed upon Norbekov Center by the Government of the Russian Federation, including the personal data presentation to the government bodies, the Pension Fund of the Russian Federation, the Social Insurance Fund of the Russian Federation, Federal Mandatory Medical Insurance Fund of the Russian Federation, and other state bodies;
regulating the employment relationships with Norbekov Center's employees (promotion of employment, training and career advancement, personal security, control over the scope and quality of the work done, safekeeping of property);
providing Norbekov Center's employees and their families with additional guarantees and remunerations, including non-governmental pension coverage, voluntary health insurance, medical service and other kinds of social security;
protecting lives, health or other vital interests of personal data subjects;
developing, signing, executing and terminating agreements with counterparties;
arranging access procedures and in-house schedule at Norbekov Center's facilities;
developing reference materials for in-house information support of the activities of Norbekov Center, its branches and representative offices, as well as Norbekov Center's subsidiaries and entities;
executing court decisions, other bodies and authorities acts subject to execution in compliance with the Enforcement Law of the Russian Federation;
exercising rights and legal interests of Norbekov Center while carrying out activities stipulated by Norbekov Center's Articles of Association and other corporate statutory acts of Norbekov Center or third parties or with a view to achieve socially desirable purposes;
other legitimate purposes.
5. List of data subjects, which have their personal data processed at Norbekov Center
5.1. Norbekov Center provides processing personal data of the following data subjects:
employees of the structural units of Norbekov Center's administration, its branches and representative offices;
employees of Norbekov Center's subsidiaries and entities;
other personal data subjects (with a view to achieve the processing purposes stated in Section 4 of the Policy).
6. List of personal data processed at Norbekov Center
6.1. The list of personal data processed at Norbekov Center is stipulated by the Law of the Russian Federation and corporate statutory acts considering the personal data processing purposes stated in Section 4 of the Policy).
6.2. Special personal data categories concerning race and national identity, political commitment, religious or philosophic views and private life are not subject to processing at Norbekov Center.
7. Functions of Norbekov Center in personal data processing
7.1. While processing personal data, Norbekov Center:
takes relevant measures to ensure compliance with the Law of the Russian Federation and corporate statutory acts related to personal data;
establishes legal, planning and technical procedures to protect personal data against illegal or accidental access, annihilation, alteration, blocking, copying, presentation, distribution, as well as against other misconduct in relation to personal data;
appoints a party responsible for the arrangement of personal data processing at Norbekov Center;
issues corporate statutory acts stipulating the policy and personal data processing and protection procedures at Norbekov Center;
familiarizes the employees of Norbekov Center, its branches and representative offices directly involved in personal data processing with the provisions of the Law of the Russian Federation and corporate statutory acts of Norbekov Center related to personal data, including the requirements to the personal data protection, as well as provides for certain employees training;
publishes or otherwise provides unlimited access to this Policy;
informs personal data subjects or their representatives in due course of the available data related to the relevant subjects, provides the representation of these personal data upon notification and/or request of the mentioned data subjects or their representatives, unless otherwise provided by the Law of the Russian Federation;
terminates the processing and annihilates personal data as stipulated by the Law of the Russian Federation related to personal data;
performs other activities stipulated by the Law of the Russian Federation related to personal data.
8. Conditions of personal data processing at Norbekov Center
8.1. Personal data is processed at Norbekov Center with consent of a data subject to have his/her personal data processed, unless otherwise is provided by the Law of the Russian Federation related to personal data.
8.2. Norbekov Center shall not disclose or distribute personal data to third parties without consent of the data subject, unless otherwise is provided by the Law of the Russian Federation.
8.3. Norbekov Center is entitled to entrust personal data processing to a third party with the data subject consent and upon an agreement with such a third party. An agreement shall provide for the list of personal data operations to be accomplished by a person in charge for the data processing, processing purposes, liabilities of such a person to keep personal data confidential and protected in course of processing, as well as requirements to the processed personal data protection as per Article 19 of the Federal Act On Personal Data.
8.4. For the purpose of in-house data support Norbekov Center is entitled to develop reference documents, which provide (upon written consent of the relevant data subject) the subject name, family name, occupation, position, date of birth, address, subscriber number, e-mail address, other personal data presented by the relevant data person, unless otherwise is provided by the Law of the Russian Federation.
8.5. Access to personal data processed in Norbekov Center is only allowed to Norbekov Center's employees covered by the list of positions for structural units of Norbekov Center's administration, its branches and representative offices, substitution of which is subject to personal data processing.
9. Actions with personal data and ways of its processing
9.1. Norbekov Center provides for acquisition, logging, ranging, accumulation, storage, update and alteration, extraction, application, transfer (distribution, representation, and access), depersonalization, blocking, deletion and annihilation of personal data.
9.2. Personal data processing in Norbekov Center is provided in the following ways:
manual personal data processing;
automated personal data processing with further transfer of received information via communication networks or otherwise;
combined personal data processing.
10. Rights of personal data subjects
10.1. Data subjects are entitled for:
completing information on their personal data under processing in Norbekov Center;
accessing to their personal data, including copies of any records which contain their personal data, unless otherwise is provided by the Federal Law, as well as access to related health care information at their option under the medical expert supervision;
adjusting their personal data, as well as data blocking or annihilation in case of personal data are incomplete, outdated, inaccurate, illegally obtained or inessential for processing purpose declared;
revoking the consent given for personal data processing;
taking statutory actions to protect their rights;
appealing against Norbekov Center's action or inaction infringing the requirements of the Law of the Russian Federation related to personal data to the body authorized for the protection of data subject rights or to the court;
exercising other rights provided for by the Law of Russian Federation.
11. Actions taken by Norbekov Center to ensure proper personal data processing
11.1. Actions, essential and sufficient to ensure proper personal data processing by Norbekov Center in accordance with the Law of the Russian Federation related to personal data, are as following:
appointing a person in charge for the arrangement of personal data processing in Norbekov Center;
adopting corporate statutory acts and other regulations related to personal data processing and protection;
arranging the training for the employees of structural units of Norbekov Center's administration, its branches and representative offices, which occupy the positions covered by the list of positions for structural units of Norbekov Center's administration, its branches and representative offices, substitution of which is subject to personal data processing;
carrying consents of data subjects to their personal data processing, unless otherwise is provided by the Law of the Russian Federation;
isolating personal data processed manually from other data, including their storage at the separate personal data carriers and/or within separate sections;
ensuring the separate storage of personal data processed for different purposes and comprising different personal data categories;
prohibiting the personal data transfer via open communication channels, computation networks beyond control, Norbekov Center's Unified Internal System for Data Transfer and Internet without taking measures on the personal data protection set by Norbekov Center (excluding public and/or depersonalized personal data);
storing tangible personal data carriers that ensures the personal data safety and prevents unauthorized access to them;
exercising in-house control over the compliance of personal data processing with the Federal Law 'On Personal Data' and relevant statutory acts, personal data protection requirements, the Policy and Norbekov Center's corporate statutory acts;
other actions provided by the Law of the Russian Federation related to personal data.
11.2. Actions, providing the personal data protection while processing them by means of personal data information systems, shall correspond to Norbekov Center's corporate statutory acts, which stipulate the personal data protection measures while processing them by means of personal data information systems.
12. Control over compliance with Law of Russian Federation and Norbekov Center's corporate statutory acts related to personal data, including personal data protection requirements
12.1. Control over the adherence of structural units of Norbekov Center's administration, its branches and representative offices to the Law of the Russian Federation and corporate statutory acts of Norbekov Center related to personal data, including the personal data protection requirements, is aimed at ensuring the compliance of personal data processing by structural units of Norbekov Center's administration, its branches and representative offices to the Law of the Russian Federation and corporate statutory acts of Norbekov Center related to personal data, including the personal data protection requirements, as well as to measures aimed at prevention and identification of infringements of the Law of the Russian Federation related to personal data, identification of potential channels for the leakage of and the unauthorized access to personal data and the removal of consequences of such infringements.
12.2. In-house control over the adherence of structural units of Norbekov Center's administration, its branches and representative offices to the Law of the Russian Federation and corporate statutory acts of Norbekov Center related to personal data, including the personal data protection requirements, is exercised by a person in charge for the arrangement of personal data processing in Norbekov Center.
12.3. In-house control over the compliance of personal data processing to the Federal Law 'On Personal Data' and relevant statutory acts, the personal data protection requirements, the Policy and Norbekov Center's corporate statutory acts is exercised by the Corporate Protection Service of Norbekov Center.
12.4. Personal liability for the adherence of a structural unit of Norbekov Center's administration, its branch and representative office to the Law of the Russian Federation and corporate statutory acts of Norbekov Center related to personal data, as well as for ensuring the personal data confidentiality and safety within the mentioned divisions of Norbekov Center is imposed upon their executives.
