Personal data processing policy

1. General provisions

1.1. This personal data processing policy is drawn up in accordance with the requirements of the Federal Law dated 27.07.2006. № 152-FZ "On personal data" and defines the procedure for processing personal data and measures to ensure the security of personal data by LLC "Custodian Fund" (hereinafter — the Operator).
1.2. The Operator sets the observance of human and civil rights and freedoms, including the protection of the rights of privacy, personal and family secrecy, as its most important goal and condition for the implementation of its activities during personal data processing
1.3. This personal data processing policy (hereinafter referred to as the Policy) applies to all information that the Operator may obtain on visitors to the website.

2. Basic concepts used in the Policy
- Automated personal data processing — personal data processing by means of computer technology;
- Personal data blocking — temporary termination of personal data processing (except if processing is necessary for personal data clarification);
- Website — a set of graphic and informational materials, as well as computer programs and databases, ensuring their availability on the Internet at the network address;
- Personal data system - a set of personal data contained in databases and technical means for its processing;
- Depersonalization of personal data — actions, due to which it is impossible to connect personal data to a particular User or another subject of personal data without the use of additional information;
- Personal data processing— any action (operation) or set of actions (operations) performed with or without the use of automation equipment on personal data including collection, recording, systematization, accumulation, storage, refinement (update, modification), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction of personal data;
- Operator — state body, municipal body, legal or natural person, organizing and (or) carrying out personal data processing independently or jointly with other persons, and also defining the purposes of personal data processing, the composition of personal data to be processed, actions (operations) performed with personal data;
- Personal data — any information relating directly or indirectly to a specific or defined User of the website;
- User — any visitor to the website;
- Provision of personal data — actions aimed at disclosure of personal data to a certain person or a certain circle of persons;
- Dissemination of personal data — any actions aimed at disclosure of personal data to an indefinite circle of persons (personal data) or at acquaintance with personal data not a limited number of persons, including the disclosure of personal data in the media, placement in information and telecommunication networks or providing access to personal data by any other means;
- Cross-border personal data transfer — transfer of personal data to the territory of a foreign state authority, foreign physical or foreign legal entity;
- Destruction of personal data — any actions resulting in the destruction of personal data irrevocably with the impossibility of further restoration of the content of personal data in the personal data system and (or) as a result of which physical carriers of personal data are destroyed.

3. The composition of the User's personal data that the Operator can process
- Surname, first name, patronymic;
- E-mail address;
- Phone numbers;
- Date and place of birth;
- Details of the identity papers;
- Addresses of registration and actual residence;
Also, the site collects and processes anonymous data on visitors with the help of Internet statistics services (Yandex Metrica, Google Analytics and others).
Such data as is transferred in automatic mode: IP addresses, cookies, Internet browser settings, information on user location and activities, etc.
Unlike personal data, such information is anonymised and therefore does not relate to the composition of personal data.

4. Purposes of User personal data processing:
- informing the User by e-mails;
- conclusion, execution and termination of civil contracts;
- providing the User with access to the services, information and/or materials contained on the website.
The Operator also has the right to notify the User about new products and services, special offers and various events. The User can always refuse to receive information messages by sending an email to the Operator to the address with the theme "Refusal of notifications about new products and services and special offers".

Depersonalized User data collected by means of Internet statistics services serve to collect information about User actions on the site, improve the quality of the site and its content.

The User agrees that the Operator has the right to transfer personal data to third parties, in particular, courier services, postal organizations (including electronic ones), electronic communication operators, solely for the purpose of fulfilling the agreement/contract with the User, including delivery of documentation or e-mail messages.

The Operator also has a partnership relationship with a number of service providers whose services and solutions complement, facilitate and improve the Operator's Services. These include server hosting and co-hosting services, communication and content delivery (and distribution) networks (CDNs), data protection and cyber security services, billing and payments processing services, domain name registrars, fraud detection and prevention, web analytics, email distribution and monitoring services, job session recording and remote access service Performance measurement and optimization of data, marketing services, content providers and our legal and financial advisors (all together, "Service Providers").

Such Service Providers may obtain or otherwise have access to Personal Information data of Visitors and Users of the Site, fully or partially, depending on the role and purpose of each Service Provider in the process of promoting and improving the Services, and the Operator's business; in addition, they may use the received information only for the specified purposes.

The User agrees that the Administration in a number of cases provided by law may be obliged to disclose personal information data at the request of state agencies, including for the purposes of both to ensure national security or to protect law and order.

In case of loss or disclosure of personal data, the Administration has the right not to inform the User about the loss or disclosure of personal data.

The Operator takes security measures designed to protect personal data from unauthorized or accidental access, destruction, alteration, blocking, copying, distribution, and other unlawful actions of third parties, including physical, electronic and procedural measures. Among other things, the Operator offers secure access to most of the Services via HTTPS; the transfer of confidential payment data (such as credit card number) through our proprietary payment forms that are protected by an encrypted connection of the industry standard SSL/TLS; and the Company regularly passes PCI DSS (Payment Card Industry Data Security Standards) certifications. Administration also regularly monitors all systems for possible vulnerabilities and attacks, and constantly searches for new ways and Service Providers to further improve the security of the Services and Privacy of Visitors and Users.

However, despite the measures and efforts undertaken, the Operator cannot and does not guarantee the absolute protection and security of Personal data or any other User Content. Therefore, the Company urges Users to establish reliable passwords for the User account and avoid providing the Administration with any sensitive information whose disclosure may cause to the User significant or irreparable harm.

The User may at any time withdraw consent to personal data processing by sending a corresponding request to the Operator.

5. Legal grounds for personal data processing:

- The Operator processes the User's personal data only if it is filled in and/or sent by the User voluntarily through the special forms located on the website. By filling in these forms and/or sending their personal data to the Operator, the User agrees to this Policy.
- The Operator processes anonymised data about the User in case it is allowed in the User's browser settings (the saving of cookies and the use of JavaScript technology is enabled).

6. Procedure for collection, storage, transfer and other types of personal data processing.
The security of personal data processed by the Operator is ensured through the implementation of legal, organizational and technical measures necessary for the full implementation of the requirements of the legislation in the field of personal data protection.

The Operator ensures the safety of personal data and takes all possible measures to prevent access to personal data of by unauthorized persons.

User's personal data will never, under any conditions, be transferred to third parties, except in cases connected with the implementation of the current legislation.

In case of identification of inaccuracies in personal data, the User may update them independently by sending a notification to the Operator's e-mail address under the theme "Updating of personal data".

The period of personal data processing is unlimited. The User may at any time withdraw his consent to personal data processing by sending a notification to the Operator via e-mail to the Operator's email address marked "Withdrawal of consent to personal data processing".

7. Cross-border transfer of personal data.

The operator shall make sure that the foreign state, in to the territory of which the transfer of personal data is intended to be carried out has ensured protection of the rights of subjects of personal data, prior to the commencement of cross-border transfer of personal data.

Cross-border transfer of personal data to the territory of foreign states which do not meet the above requirements may be carried out only if there is a written consent of the subject of personal data for such cross-border transfer of his personal data and/or execution of the contract where the subject of personal data is a party.

8. Final provisions.

The User can receive any clarifications regarding his/her personal data processing by contacting the Operator via e-mail
This document will reflect any changes in the processing personal data policy made by the Operator. The policy is valid indefinitely until it is replaced by a new version.

The Operator notifies users that changes or clarifications may be made to this policy. The Operator shall not notify each User individually about such changes.
The current version of the Policy is freely available online at