Menu

    Policy on personal data processing

    1. General provisions

    1.1 This policy regarding the processing of personal data (hereinafter - the Policy) is aimed at protecting the rights and freedoms of individuals whose personal data is processed by the Lifexpert L.L.C-FZ (hereinafter - the Operator).

    1.2 Ensuring confidentiality and security of processing of personal data is one of the priority tasks of the Operator. For these purposes, the Operator has put in place a set of organizational and administrative documentation, which is mandatory for all employees admitted to the processing of personal data. Processing, storage and ensuring confidentiality and security of personal data shall be carried out in accordance with the applicable international law in the field of protection of personal data, and in accordance with the local acts of the Operator.

    1.3. This Policy defines the principles, procedure and conditions of processing of personal data of the Operator's employees and consumers of the Operator's services, whose personal data are processed by the Operator, in order to ensure protection of human and citizen's rights and freedoms when processing their personal data, including protection of rights to privacy, personal and family secrets, and establishes liability of the Operator officials, having access to personal data, for failure to meet the requirements of the regulations governing processing and protection

    1.4 Information constituting personal data is any information relating to a directly or indirectly defined or identifiable individual (subject of personal data).

    2. Information about the operator

    2.1 The operator of personal data is Lifexpert L.L.C-FZ, located in Business Center 1, M Floor, The Meydan Hotel, Nad Al Sheba, Dubai, U.A.E..

    3. Information about processing of personal data

    3.1 The operator carries out processing of personal data for the following purposes:

    • organizing the Operator's personnel records;
    • Ensuring compliance with laws and other laws and regulations;
    • performance of personnel record-keeping procedures;
    • Fulfillment of requirements of tax legislation in connection with calculation and payment of individual income tax and unified social tax, pension legislation in formation and presentation of personified data on each income recipient, accounted when insurance contributions for obligatory pension insurance and provision are calculated;
    • Fulfillment of contractual obligations, including warranty services for the Operator's services consumers;

    3.2 Processing of personal data shall be carried out by the Operator on the basis of compliance with the principles:

    • Legality of the purposes and methods of personal data processing;
    • Compliance of the personal data processing objectives with the objectives predetermined and stated when collecting personal data;
    • Compliance of the amount and nature of processed personal data, methods of personal data processing with the purposes of personal data processing;
    • Reliability of personal data, its sufficiency for processing purposes, inadmissibility of processing of personal data, excessive in relation to the purposes stated in the collection of personal data;
    • Destruction upon attainment of personal data processing objectives or in case of loss of necessity in their attainment.

    3.3 Personal data processing includes personal data processing, including any action (operation) or a set of actions (operations) performed with or without the use of automation means with personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, change), extraction, use, transfer (distribution, provision, access), anonymization, blocking, deletion, destruction of personal data.

    3.4 Refusal of the user of the Operator's services to provide consent to the processing of his personal data makes it impossible to achieve the processing goals.

    4. Processing of personal data of consumers of services (clients) of the Operator

    4.1 The Operator processes customers' personal data within the framework of legal relations between customers and the Operator.

    4.2 The operator processes clients personal data in order to comply with the norms of international law, as well as to:

    • conclude and fulfill obligations under contracts with the client;
    • inform about new products, special promotions and offers;
    • provide personalized services and services;
    • provide the client with announcements of news, news of services and other information of promotional nature by sending messages to the specified e-mail address of the client, SMS messages to the specified number of the client, mailings;
    • To conduct statistical and other research on the basis of impersonal data;
    • for other purposes stipulated by this Policy on Personal Data Processing and its annexes.

    4.3 The operator shall process customers personal data with their consent. In cases stipulated by the Federal Law "On Personal Data", consent shall be provided in writing. In other cases, consent shall be deemed to have been obtained when entering into a contract or when performing contingent actions. The Client's consent to the processing and storage of personal data shall be valid indefinitely and may be withdrawn by the Client by written notice, which shall be sent to the Operator by registered mail with the list of attachments, or to the Operator's email info@lifexpert.com.

    4.4 The Operator shall process the Client's personal data within the validity period of the Client's consent to the processing of personal data. The operator may process the client's personal data after the client has withdrawn his consent to the processing of personal data during the period of time set forth in clause 5 of paragraph 5 of the Operator's Rules of Procedure.

    4.5 The operator processes special categories of personal data about underage clients with the written consent of their legal representatives.

    4.6 In relation to the processing of personal data received by the Operator through the use by customers of the Operator's websites the rules established by /privacy/ (Annex 1 to this Policy in relation to the processing of personal data) shall apply.)

    5. Information about security of personal data

    5.1 The operator shall appoint a person responsible for organizing the processing of personal data in order to fulfill the obligations stipulated by the Federal Law "On Personal Data" and regulatory legal acts adopted in accordance with it.

    5.2 The operator applies a set of legal, organizational and technical measures to ensure security of personal data to ensure confidentiality of personal data and its protection from unlawful actions:

    • Provides unrestricted access to the Policy on Personal Data Processing, a copy of which is posted at the Operator's location, as well as on the Operator's website;
    • Approves and brings into effect the document "Regulations on Personal Data Processing" (hereinafter - the Regulations) and other local acts in pursuance of the Policy with respect to personal data processing
    • Ensure familiarization of employees with the provisions of personal data legislation, as well as the Policy on Personal Data Processing and the Regulation;
    • Provides access of employees to personal data, processed in the Operator's information system, as well as to their tangible media, only for the purpose of performance of labor duties;
    • Establishes rules of access to personal data processed in the Operator's information system, as well as ensures registration and accounting of all actions with them;
    • Assesses damages that may be caused to personal data subjects in case of violation of the Federal Law "On Personal Data";
    • Determines threats to the security of personal data during its processing in the Operator's information system;
    • Applies organizational and technical measures and uses information protection means necessary to achieve the established level of personal data security;
    • Performs detection of unauthorized access to personal data and takes response measures, including restoration of personal data modified or destroyed as a result of unauthorized access to it
    • Assesses efficiency of measures taken to ensure security of personal data prior to commissioning of the Operator's information system;
    • Performs internal control over compliance of personal data processing with the Federal Law "On Personal Data", regulatory legal acts adopted in accordance therewith, requirements to protection of personal data, Personal Data Processing Policy, Regulations and other local acts, including control over measures taken to ensure security of personal data and their level of protection during processing in the Operator's information system.

    6. Rights of subjects of personal data

    6.1 The subject of personal data has the right:

    • To receive personal data relating to that data subject and information relating to their processing;
    • To clarify, block or destroy his personal data if they are incomplete, outdated, inaccurate, illegally obtained or not necessary for the stated purpose of processing;
    • To withdraw its consent to the processing of personal data;
    • To protect his/her rights and legitimate interests, including compensation for losses and compensation for moral damage in court;
    • To appeal the actions or omissions of the Operator to the competent authority for the protection of the rights of subjects of personal data or in court.

    6.2 To exercise their rights and legitimate interests, personal data subjects have the right to apply to the Operator or send a request in person or with the help of a representative.

    7. Final Provisions

    This Policy is subject to change and amendment in case of new legislative acts and special normative documents on processing and protection of personal data.

    7.2 Control over fulfillment of requirements of this Policy shall be carried out by the person responsible for organization of processing of personal data of the Operator.

    Responsibility of the Operator's officials, who have access to personal data, for failure to comply with the requirements of the rules governing the processing and protection of personal data shall be determined in accordance with the international laws and the Operator's internal documents.


    Annexes to this Policy with respect to the processing of personal data: