UnigeniQ logo

Personal Data Processing Policy

1. General Provisions

This Privacy Policy regarding the processing of personal data has been prepared in accordance with the requirements of Federal Law No. 152-FZ of July 27, 2006 "On Personal Data" (hereinafter – the "Personal Data Law") and defines the procedure for processing personal data and measures to ensure the security of personal data undertaken by MEDIK LLC (hereinafter – the "Operator").

1.1. The Operator's primary goal and condition for carrying out its activities is to respect the rights and freedoms of individuals when processing their personal data, including the protection of the rights to privacy, personal and family secrets.

1.2. This Operator's Policy regarding the processing of personal data (hereinafter – the "Policy") applies to all information that the Operator may obtain about visitors to the website https://unigeniq.com.

2. Basic Terms Used in the Policy

2.1. Automated processing of personal data – processing of personal data using computer technology.

2.2. Blocking of personal data – temporary cessation of processing of personal data (except when processing is necessary to clarify personal data).

2.3. Website – a collection of graphic and informational materials, as well as computer programs and databases, ensuring their availability on the internet at the network address https://unigeniq.com.

2.4. Personal data information system – a collection of personal data contained in databases and information technologies and technical means ensuring their processing.

2.5. Depersonalization of personal data – actions as a result of which it becomes impossible, without the use of additional information, to determine the ownership of personal data to a specific User or other subject of personal data.

2.6. Processing of personal data – any action (operation) or set of actions (operations) performed with or without the use of automation tools with personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, changing), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction of personal data.

2.7. Operator – a state body, municipal body, legal entity or individual, independently or jointly with other persons organizing and/or carrying out the processing of personal data, as well as determining the purposes of processing personal data, the composition of personal data to be processed, and the actions (operations) performed with personal data.

2.8. Personal data – any information relating directly or indirectly to a specific or identifiable User of the website https://unigeniq.com.

2.9. Personal data authorized by the subject of personal data for distribution – personal data to which an unlimited circle of persons has been granted access by the subject of personal data by giving consent to the processing of personal data authorized for distribution in accordance with the procedure established by the Personal Data Law (hereinafter – "personal data authorized for distribution").

2.10. User – any visitor to the website https://unigeniq.com.

2.11. Provision of personal data – actions aimed at disclosing personal data to a specific person or a specific circle of persons.

2.12. Distribution of personal data – any actions aimed at disclosing personal data to an indefinite circle of persons (transfer of personal data) or making personal data available to an unlimited circle of persons, including publication of personal data in the mass media, placement in information and telecommunications networks, or providing access to personal data in any other way.

2.13. Cross-border transfer of personal data – transfer of personal data to the territory of a foreign state to a foreign state authority, a foreign individual, or a foreign legal entity.

2.14. Destruction of personal data – any actions as a result of which personal data are irretrievably destroyed with no possibility of further restoration of the content of personal data in the personal data information system and/or the physical media of personal data are destroyed.

3. Basic Rights and Obligations of the Operator

3.1. The Operator has the right to:

  1. receive from the subject of personal data accurate information and/or documents containing personal data;
  2. in the event that the subject of personal data withdraws their consent to the processing of personal data, or submits a request to cease processing of personal data, the Operator has the right to continue processing personal data without the consent of the subject of personal data if there are grounds specified in the Personal Data Law;
  3. independently determine the composition and list of measures necessary and sufficient to ensure the fulfillment of obligations provided for by the Personal Data Law and regulatory legal acts adopted thereunder, unless otherwise provided by the Personal Data Law or other federal laws.

3.2. The Operator is obliged to:

  1. provide the subject of personal data, upon their request, with information regarding the processing of their personal data;
  2. organize the processing of personal data in accordance with the procedure established by the applicable legislation of the Russian Federation;
  3. respond to requests and inquiries from subjects of personal data and their legal representatives in accordance with the requirements of the Personal Data Law;
  4. provide the authorized body for the protection of the rights of subjects of personal data, upon request, with the necessary information within 10 days from the date of receipt of such request;
  5. publish or otherwise provide unrestricted access to this Policy regarding the processing of personal data;
  6. take legal, organizational and technical measures to protect personal data from unauthorized or accidental access, destruction, alteration, blocking, copying, provision, distribution of personal data, as well as from other unlawful actions in relation to personal data;
  7. cease the transfer (distribution, provision, access) of personal data, cease processing and destroy personal data in accordance with the procedure and in the cases provided for by the Personal Data Law;
  8. perform other duties provided for by the Personal Data Law.

4. Basic Rights and Obligations of Subjects of Personal Data

4.1. Subjects of personal data have the right to:

  1. receive information regarding the processing of their personal data, except in cases provided for by federal laws. The information is provided to the subject of personal data by the Operator in an accessible form, and must not contain personal data relating to other subjects of personal data, except where there are legal grounds for disclosing such personal data. The list of information and the procedure for obtaining it are established by the Personal Data Law;
  2. demand that the Operator clarify their personal data, block or destroy them if the personal data are incomplete, outdated, inaccurate, unlawfully obtained, or are not necessary for the stated purpose of processing, as well as take measures provided by law to protect their rights;
  3. impose a condition of prior consent when processing personal data for the purpose of promoting goods, works and services on the market;
  4. withdraw their consent to the processing of personal data, as well as submit a request to cease processing of personal data;
  5. appeal in court or to the authorized body for the protection of the rights of subjects of personal data the unlawful actions or inaction of the Operator in the processing of their personal data;
  6. exercise other rights provided for by the legislation of the Russian Federation.

4.2. Subjects of personal data are obliged to:

  1. provide the Operator with accurate information about themselves;
  2. notify the Operator of any clarification (updating, change) of their personal data.

4.3. Persons who provide the Operator with inaccurate information about themselves, or information about another subject of personal data without the latter's consent, shall be liable in accordance with the legislation of the Russian Federation.

5. Principles of Processing Personal Data

5.1. The processing of personal data is carried out on a lawful and fair basis.

5.2. The processing of personal data is limited to achieving specific, predetermined and lawful purposes. Processing of personal data incompatible with the purposes of collecting personal data is not permitted.

5.3. The merging of databases containing personal data, the processing of which is carried out for purposes incompatible with each other, is not permitted.

5.4. Only personal data that meets the purposes of their processing may be processed.

5.5. The content and scope of the processed personal data correspond to the stated purposes of processing. The processed personal data must not be excessive in relation to the stated purposes of their processing.

5.6. When processing personal data, the accuracy of personal data, their sufficiency, and, where necessary, their relevance to the purposes of processing personal data are ensured. The Operator takes necessary measures and/or ensures that they are taken to delete or clarify incomplete or inaccurate data.

5.7. Personal data is stored in a form that permits identification of the subject of personal data for no longer than required by the purposes of processing personal data, unless the storage period for personal data is established by federal law, a contract to which the subject of personal data is a party, beneficiary, or guarantor. Processed personal data is destroyed or depersonalized upon achievement of the processing purposes or in the event that the need to achieve them is lost, unless otherwise provided for by federal law.