1. General Provisions
1.1. This policy regarding the processing of personal data (hereinafter referred to as the Policy) has been drawn up in accordance with the requirements of the Federal Law of July 27, 2006 No. 152-FZ "On Personal Data" (hereinafter referred to as the Personal Data Law) and determines the procedure for processing personal data and measures to ensure the security of personal data taken by DUK Technologies LLC (OGRN 1225000085551) (hereinafter referred to as the Company).
1.2. The Company sets as its most important goal and condition for the implementation of its activities the observance of the rights and freedoms of an individual and citizen when processing his or her personal data, including the protection of the rights to privacy, personal and family secrets.
1.3. This policy of the Company regarding the processing of all Personal Data that the Company may receive about Users of the website https://duc-technologies.ru and Personal Data Subjects.
1.4. The Company uses the following TERMS:

Personal data, PD — any information related to a directly or indirectly identified or determinable Subject of personal data.
The Company (Operator) — DUС Technologies LLC (OGRN 1225000085551), which is the personal data operator, according to the Law on Personal Data, independently or jointly with other persons organizing and (or) carrying out the processing of personal data, and also determining the purposes of processing personal data, the composition of personal data subject to processing, actions (operations) performed with personal data.
User — an individual who has accessed the Company's Website.
Website / Company Website — https://duc-technologies.ru .
Subject of personal data — an individual who has provided the Company with consent to the processing of personal data in accordance with this Policy.
Processing of personal data is any action (operation) or set of actions (operations) with personal data, performed with the use of automation tools (automated processing of personal data) or without their use.
Personal data processing includes: collection, recording, systematization, accumulation, storage, clarification (updating, modification), retrieval, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, and destruction.
The Company processes personal data in accordance with the requirements of Russian Federation law.
The Processor— any person who, under an agreement with the Company, processes personal data on behalf of the Company, acting on behalf of and/or in the interests of the latter when processing personal data. The Company is liable to the Data Subject for the actions or omissions of the processor. The processor is liable to the operator.
Cookies are text files containing information that are downloaded to the user's device (PC, smartphone, etc.) during use of the Company's Website.

Other terms are used in this Policy in accordance with the meanings defined by the current legislation of the Russian Federation, unless otherwise expressly stated in the Policy.

2. Terms of personal data processing
2.1. Principles. When processing personal data, the Company adheres to the following principles:

• legality and justice;
• limiting the processing of personal data to the achievement of specific, predetermined and legitimate purposes;
• preventing the processing of personal data that is incompatible with the purposes of collecting personal data;
• compliance of the content and volume of processed personal data with the stated purposes of processing;
• preventing the redundancy of processed personal data in relation to the stated purposes of processing;
• ensuring the accuracy of personal data, its sufficiency and, where necessary, relevance in relation to the purposes of processing personal data, as well as taking measures to delete or clarify incomplete or inaccurate data;
• transparency of personal data processing: The subject of personal data may be provided with relevant information regarding the processing of his personal data;
• storage of personal data in a form that allows the identification of the personal data subject, no longer than required by the stated purposes of processing the personal data.

2.2. Cases of personal data processing. The Company processes personal data in the following cases:

• the Company's activities in the field of providing information technology services;
• registration and regulation of labor and related relations in the Company.

2.3. Basis and terms for processing personal data. The Company processes personal data only if at least one of the following conditions is met:

2.4. Termination of personal data processing. The Company ceases processing personal data in the following cases:

• the fact of their illegal processing has been identified (deadline - within three working days from the date of identification);
• the purpose of their processing has been achieved;
• the consent of the personal data subject to the processing of the specified data has expired or has been revoked, when, according to the Personal Data Law, the processing of these data is permitted only with consent.

2.5. Personal Data Processing Instructions. The Company has the right to instruct Processors to process personal data, thereby delegating some of its personal data processing functions to the Processor, who then acts on behalf of or in the interests of the Company. The basis for such an instruction is:

1. Consent of the Subject of personal data;
2. The existence of a corresponding agreement between the Company and the Processor. However, the Processor is not required to obtain the consent of the Personal Data Subject to process their personal data.

2.6. Use of Cookies. The Company uses cookies to identify the preferences of Website visitors and improve the Website's performance. Data subjects can view cookies in their browser settings. Cookies are processed, among other things, using web analytics services. Data subjects may receive pop-up notifications about the collection and processing of cookies, with a link to the Policy and buttons to accept the terms of processing.

If they disagree with the processing of cookies, the Website visitor must accept the risk that the full functionality and features of the Website may not be available, and then proceed with one of the following options:

• configure your browser yourself in accordance with its documentation or help so that it permanently does not allow you to receive and send cookies;
• switch to the browser's special "incognito" mode until you close the browser window or switch back to normal mode;
• leave the Site to avoid further processing of cookies.

3. The company's purposes in relation to the processing of personal data
3.1. List of Personal Data. The Company may process the following personal data of the Personal Data Subject:
Last name, first name, patronymic (full name),
Email address,
Telephone numbers

• . 3.2. Purposes. When collecting the Personal Data specified in paragraph 3.1., the Company is guided by the following purposes:

4. Rights and obligations of the company
4.1. The Company has the right to:

• independently determine the composition and list of measures necessary and sufficient to ensure the fulfillment of obligations stipulated by the legislation of the Russian Federation;
• entrust the processing of personal data to another person with the consent of the Personal Data Subject in accordance with clause 2.5. of the Policy;
• In the event of the personal data subject’s withdrawal of consent to the processing of personal data, the Company has the right to continue processing personal data without the consent of the personal data subject if there are grounds specified in the Personal Data Law;
• exercise other rights provided for by the legislation of the Russian Federation in the field of personal data protection.

4.2. The Company is obliged to:

• organize the processing of personal data and ensure the necessary measures to protect personal data in accordance with the requirements of Russian legislation;
• respond to requests and inquiries from personal data subjects and their legal representatives in accordance with the requirements of the Russian Federation legislation;
• perform other duties stipulated by the legislation of the Russian Federation in the field of personal data protection.

5. Rights and obligations of the personal data subject
5.1. The subject of personal data has the right to:

• provide consent to the processing of the provided personal data in the manner prescribed by the Policy;
• revoke consent to the processing of personal data by sending a corresponding request to the Company;
• receive information from the Company regarding the processing of his personal data, except in cases provided for by federal laws;
• to demand from the Company clarification of his personal data, their blocking or destruction if the personal data is incomplete, outdated, inaccurate, illegally obtained or is not necessary for the stated purpose of processing, and also to take measures provided by law to protect his rights;
• exercise other rights provided for by the legislation of the Russian Federation.

5.2. The personal data subject is obliged to:

• provide the necessary information containing reliable data about the Personal Data Subject;
• promptly notify the Company of any changes in information related to personal data, including changes in passport data, place of registration, etc.;
• perform other duties stipulated by the legislation of the Russian Federation in the field of personal data protection.

6. Measures to protect personal data
6.1. The Company shall take the necessary legal, organizational, and technical measures to protect personal data from unauthorized or accidental access, destruction, modification, blocking, distribution, and other unauthorized actions, including:

• identifies threats to the security of personal data during their processing;
• adopts local regulations and other documents governing relations in the field of processing and protection of personal data;
• appoints persons responsible for ensuring the security of personal data in the structural divisions and information systems of the Company;
• creates the necessary conditions for working with personal data;
• organizes work with information systems in which personal data is processed and evaluates the effectiveness of measures taken to ensure the security of personal data before putting the personal data information system into operation;
• stores personal data in conditions that ensure their safety and prevent unauthorized access to them, and keeps records of machine-readable media containing personal data;
• organizes training for the Company’s employees who process personal data;
• carries out internal control and (or) audit of compliance of personal data processing with legal requirements;
• detects instances of unauthorized access to personal data and takes measures, including measures to detect, prevent, and eliminate the consequences of computer attacks on personal data information systems and to respond to computer incidents in them;
• restores personal data modified or destroyed due to unauthorized access.

7. Updating, correcting, deleting, destroying personal data, responding to requests
7.1. Termination of personal data processing. The Company shall cease processing personal data in the following cases:

• the fact of their illegal processing has been revealed;
• the purpose of their processing has been achieved;
• the consent of the personal data subject to the processing of the specified data has expired or has been revoked, when, according to the Personal Data Law, the processing of these data is permitted only with consent.

7.2. Request to Terminate Personal Data Processing. If the Personal Data Subject requests the Company to cease processing personal data within a period not exceeding 10 business days from the date of receipt by the Company of the relevant request, the processing of personal data shall be terminated, except in cases stipulated by the Personal Data Law. This period may be extended, but by no more than 5 business days. For this purpose, the Company shall send the Personal Data Subject a reasoned notice stating the reasons for the extension.
7.3. Request for Information. Confirmation of the fact of personal data processing by the Company, the legal grounds and purposes of personal data processing, as well as other information specified in Part 7 of Article 14 of the Personal Data Law, shall be provided by the Company to the Personal Data Subject or their representative within 10 business days from the date of the request or receipt of the request from the Personal Data Subject or their representative. The specified period may be extended, but by no more than 5 business days, by sending the Personal Data Subject a reasoned notice stating the reasons for the extension of the period for providing the requested information.
7.4. Communication between the Parties. Requests in accordance with paragraphs 7.1 and 7.2 may be sent to the Company by email at ductechnologies@yandex.ru or by post to the details specified in the "Details" section of the Policy. If the Personal Data Subject's requests do not contain all the necessary information in accordance with the requirements of the Personal Data Law, or the Personal Data Subject does not have the rights to access the requested information, a reasoned refusal will be sent to him/her.
7.5. Blocking, updating, and correcting Personal Data. If inaccurate Personal Data is discovered upon an appeal by the Personal Data Subject or their representative, or at their request, or at the request of Roskomnadzor, the Company will block the personal data related to this Personal Data Subject, from the moment of such appeal or receipt of the said request for the verification period, unless blocking the personal data violates the rights and legitimate interests of the Personal Data Subject or third parties .
If the fact of inaccuracy of the personal data is confirmed, the Company, based on the information provided by the Personal Data Subject or their representative, or Roskomnadzor, or other necessary documents, clarifies (updates) or corrects the Personal Data within 7 business days from the date of submission of such information and removes the blocking of the personal data.
7.6. Destruction of personal data. Personal data is subject to destruction by the Company in the following cases:

• achievement of the purpose of processing personal data or loss of the need to achieve this purpose - within 30 days;
• achieving the maximum storage period for documents containing personal data - within 30 days;
• provision by the Subject of personal data (his/her representative) of confirmation that the personal data was obtained illegally or is not necessary for the stated purpose of processing - within 7 working days;
• revocation by the Subject of personal data of consent to the processing of his personal data, if their storage for the purpose of their processing is no longer required - within 30 days.

7.7. Methods of Destroying Personal Data. Personal data is destroyed after the destruction method has been selected and is determined by the type of storage medium containing the data and the nature of the personal data to be destroyed. Personal data is destroyed in the following ways:

• destruction of tangible media containing personal data, when the possibility of further use of said information carriers for the purpose of processing personal data is excluded (carried out by physical destruction of said tangible media);
• irreversible "erasure" of personal data and residual information relating to personal data from electronic and magnetic storage media (carried out by methods and means of guaranteed destruction of information on electronic and magnetic storage media, including through the use of special software).

8. Final Provisions
8.1. For any clarifications regarding personal data processing, please contact the Company by email at ductechnologies@yandex.ru .

• 8.2. This document will reflect any changes to the Company's Personal Data Processing Policy. This Policy is valid indefinitely until replaced by a new version.

9. Company details
LLC "DUС Technologies"
Legal address: 140016, Russia, Moscow region, Lyubertsy, Nekrasovsky (Zenino residential complex Samolet microdistrict), 4, apt. 22
OGRN: 1225000085551
INN:5027308419
E-mail: ductechnologies@yandex.ru