1. General Provisions
This Personal Data Processing Policy is drawn up in accordance with the requirements of Federal Law No. 152-FZ of July 27, 2006 “On Personal Data” (hereinafter referred to as the Personal Data Law) and defines the procedure for processing personal data and measures to ensure the security of personal data implemented by Vikta LLC( hereinafter referred to as the Operator)
1.1. The Operator considers the observance of human and civil rights and freedoms during personal data processing, including the right to privacy, personal and family secrets, as its most important goal and condition for its activities.
1.2. This Policy of the Operator regarding the processing of personal data (hereinafter referred to as the Policy) applies to all information that the Operator may receive about visitors of the website https://www.vikta-fish.ru.

2. Basic Terms Used in the Policy
2.1. Automated processing of personal data — processing using computer technology.
2.2. Blocking of personal data — temporary cessation of personal data processing (except when processing is necessary for clarification).
2.3. Website — a set of graphic and information materials, as well as computer programs and databases, made accessible online at https://www.vikta-fish.ru.
2.4. Information system of personal data — a combination of databases containing personal data and IT/technical tools that process them.
2.5. Depersonalization — actions that make it impossible to determine data ownership without additional information.
2.6. Processing of personal data — any operation or set of operations performed on personal data, with or without automation, including collection, recording, systematization, accumulation, storage, clarification (update, change), retrieval, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction.
2.7. Operator — a government body, municipal authority, legal or natural person organizing and/or performing the processing of personal data and determining the purposes, scope, and actions performed.
2.8. Personal data — any information directly or indirectly related to a specific or identifiable User of the website https://www.vikta-fish.ru.
2.9. Personal data permitted for dissemination — data made publicly available by the subject through consent, in accordance with the Personal Data Law.
2.10. User — any visitor of the website https://www.vikta-fish.ru.
2.11. Provision of personal data — disclosure of data to a specific person or group.
2.12. Dissemination — any action to disclose personal data to an indefinite group, including media publication, network posting, or granting access otherwise.
2.13. Cross-border transfer — transfer of data to foreign countries, authorities, or foreign legal/natural persons.
2.14. Destruction — irreversible elimination of data and/or physical media with personal data.

3. Basic Rights and Obligations of the Operator
3.1. The Operator has the right to:

• Receive truthful data and/or documents from the data subject.
• Continue processing without consent if required by the Personal Data Law.
• Independently determine measures necessary to fulfill obligations under applicable law.

3.2. The Operator is obliged to:

• Provide the data subject with information regarding the processing of their data upon request.
• Organize data processing in accordance with current Russian legislation.
• Respond to requests and inquiries from data subjects or their legal representatives.
• Provide information to the authorized body for the protection of personal data subjects upon request.
• Publish or otherwise provide unrestricted access to this Policy.
• Take legal, organizational, and technical measures to protect personal data.
• Cease transmission, processing, and destroy data when required by law.
• Fulfill other duties under the Personal Data Law.

4. Basic Rights and Obligations of Personal Data Subjects
4.1. Personal data subjects have the right to:

• Receive information about the processing of their personal data, except as provided by federal laws. The Operator must provide this information in an accessible form and without personal data of other subjects unless there are legal grounds to withhold it.
• Require the Operator to clarify, block, or delete their personal data if the data is incomplete, outdated, inaccurate, unlawfully obtained, or unnecessary for the stated processing purpose.
• Withdraw consent to the processing of personal data.
• Appeal to the authorized body for the protection of the rights of personal data subjects or through the courts if they believe the Operator is violating legal requirements.
• Exercise other rights established by Russian law.

4.2. Personal data subjects are obliged to:

• Provide the Operator with only accurate personal data.
• Notify the Operator of updates or changes to their personal data.

4.3. Individuals who have provided the Operator with false information or data of another subject without consent bear responsibility according to Russian law.

5. Principles of Personal Data Processing
5.1. Personal data processing is lawful and fair.
5.2. Processing is limited to achieving specific, predefined, and lawful purposes.
5.3. No combination of databases containing personal data with incompatible processing purposes is allowed.
5.4. Only personal data that meet the processing purposes are subject to processing.
5.5. Content and scope of processed personal data correspond to declared processing purposes. No excess data is processed.
5.6. Accuracy and relevance of data are maintained. Inaccurate or incomplete data is updated or deleted.
5.7. Personal data is stored in a form that allows identifying the subject no longer than required by the processing purpose, unless storage is mandated by law or with subject’s consent.


6. Purposes of Personal Data Processing
Purpose of processing:

• Informing the User by sending emails.
• Personal data:
• Full name
• Email address
• Phone numbers
• Legal basis:
• Consent of the personal data subject
• Types of processing:
• Collection, recording, systematization, storage, clarification (updating, modification), retrieval, use, transfer (distribution, provision, access), blocking, deletion, destruction

7. Conditions for Personal Data Processing
7.1. Personal data is processed with the consent of the subject to the processing of their data.
7.2. Processing of personal data is necessary to achieve the goals provided by an international treaty of the Russian Federation or law, to perform functions, powers, and duties assigned to the Operator.
7.3. Processing is necessary for the administration of justice, execution of a judicial act or act of another authority or official subject to enforcement.
7.4. Processing is necessary to perform a contract to which the personal data subject is a party, or to enter into a contract at their initiative.
7.5. Processing is necessary to protect the life, health, or other vital interests of the subject if obtaining consent is not possible.
7.6. Processing concerns data made publicly available by the subject.
7.7. Processing is necessary for the exercise of rights and lawful interests of the Operator or third parties or to achieve socially significant goals, provided this does not violate the rights and freedoms of the subject.
7.8. Processing is conducted for statistical or other research purposes, with the data anonymized.
7.9. Processing is carried out if access to such data is granted or processing is required by federal law.

8. Procedure for Collection, Storage, Transfer, and Other Types of Personal Data Processing
The security of personal data processed by the Operator is ensured through legal, organizational, and technical measures necessary to fully comply with legal requirements in the field of personal data protection.
8.1. The Operator ensures the safety of personal data and takes all possible measures to prevent unauthorized access.
8.2. Personal data of the User is never transferred to third parties, except in cases related to compliance with applicable law or with the consent of the subject.
8.3. If inaccuracies in personal data are identified, the User can update the data independently by sending a notification to the Operator's email address marked “Update of personal data.”
8.4. The period of personal data processing is determined by achieving the processing purposes unless otherwise required by contract or law.
8.5. The User can withdraw consent at any time by sending a written notice to the Operator's email address marked “Withdrawal of consent to personal data processing.”
8.6. All actions with personal data are carried out in accordance with Federal Law No. 152-FZ “On Personal Data” dated July 27, 2006.
8.7. The Operator ensures confidentiality of personal data during processing.

9. Cross-Border Transfer of Personal Data
9.1. Before transferring personal data across borders, the Operator must ensure that the foreign country provides adequate protection of the subject’s rights.
9.2. Cross-border transfer to countries that do not provide adequate protection is allowed only if the subject consents in writing to the transfer or the transfer is necessary for the performance of a contract involving the subject.

10. Cross-Border Transfer of Personal Data
10.1. Before initiating cross-border transfer of personal data, the Operator must notify the authorized body for the protection of personal data subjects’ rights of its intention to carry out such transfer (this notification is submitted separately from the general notification of personal data processing).
10.2. Prior to submitting the aforementioned notification, the Operator must obtain relevant information from the authorities of the foreign country, as well as from foreign individuals or legal entities to whom the personal data is intended to be transferred.

11. Confidentiality of Personal Data
The Operator and other persons who have gained access to personal data are obliged not to disclose or distribute such data to third parties without the consent of the personal data subject, unless otherwise provided by federal law.

12. Final Provisions
12.1. The User may obtain any clarification regarding the processing of their personal data by contacting the Operator via email at ooovikta@mail.ru.
12.2. This Policy remains effective indefinitely until it is replaced by a new version.
12.3. The current version of the Policy is freely available on the Internet at: http://www.vikta-fish.ru/eng/privacy