F A Q
We're ready to answer
all your questions
Director General: Khvostenko Pavel Viktorovich
1. General Provisions
1.1. The personal data processing policy (hereinafter—Policy) is issued and applied by Autonomous Non-Commercial Organization of Additional Professional Education "Academy of Confectionery Art" (hereinafter—Provider) under clause 2, part 1, art. 18.1, the Federal Act of July 27, 2006, N 152-Fz “On Personal Data.”
This Policy defines the Provider's procedures and conditions for processing personal data.
All issues related to processing personal data, which are not covered by this Policy, shall be resolved under the current legislation of the Russian Federation related to personal data.
1.2. The purpose of personal data processing: providing services to personal data owners on the website paulineschool.ru based on the GetCourse platform (hereinafter—the Platform). Any user can register on the platform to receive courses and online classes on the Internet. Protecting human and civil rights and freedoms when processing his/her personal data, including the protection of the right of personal privacy, personal and family secrets;
1.3. The processing is organized by the Provider on the following principles: the legality of purposes and methods of processing personal data, integrity and justice of the Provider's activities; reliability of personal data, its adequacy for processing purposes, the unacceptability of processing personal data redundant in relation to the purposes stated in the collection of personal data; processing only personal data that meets the purposes of processing it; compliance of the content and volume of the personal data with the stated purposes of the processing. The processed personal data should not be redundant in relation to the stated purposes of the processing; the unacceptability of combining databases containing personal data that are processed for incompatible purposes; ensuring the accuracy of personal data, its adequacy, and, where necessary, its relevance to the purposes of personal data processing. the Provider takes all necessary measures or ensures that all measures are taken to remove or clarify incomplete or inaccurate data; keeping personal data in a form that allows you to identify the subject of personal data no longer than the purpose of processing personal data requires.
1.4. Personal data is processed using automation tools.
1.5. The Provider processes the following personal data:
1.5.1. Mandatory, without which it is impossible to register on the platform: surname, name, mobile phone number, email
1.5.2. Voluntary, which is the data that the User indicates in his/her account voluntarily:
Date of birth
Free-form information about himself/herself
184.108.40.206. At the same time, some mandatory and/or voluntary personal data, according to the personal will of the User of the platform, are made by the User publicly available to any third parties under sub-cl. 10, cl. 1, art. 6, the Federal Act of July 27, 2006, N 152-Fz “On Personal Data.”
1.6. When processing personal data, the Provider applies legal, organizational and technical measures to ensure the security of personal data under art. 19, the Federal Act of July 27, 2006, N 152-Fz “On personal data”, which are enshrined in the Regulation “On the security of personal data of GetCourse platform users.”
1.7. The Provider shall not disclose or distribute personal data to third parties without the consent of the subject of personal data, except in cases provided by the current legislation of the Russian Federation and this Policy.
1.8. Assessment of harm that may be caused to subjects of personal data in the event of a violation by the Provider of the requirements of the Federal Act of July 27, 2006, N 152-Fz "On personal data" is determined under articles 15, 151, 152, 1101 of the Civil Code of the Russian Federation.
1.9. Conditions for personal data processing by the Provider:
personal data is processed by the Provider after the personal data subject signs an agreement (offer) for services. According to cl. 5, art. 6 of the Federal Act of July 27, 2006, No. 152-Fz "On personal data", no consent of the personal data subject is required, as the subject concludes the Agreement on his/her own initiative and becomes the beneficiary under the Agreement. "The Provider has the right to transfer the personal data of the subject to third parties for systematization, accumulation, storage, clarification (updates, changes), anonymization, and blocking solely to provide services to the subject of personal data on the website paulineschool.ru based on the GetCourse platform.”
1.10. The storage of personal data of subjects who are users of the platform is carried out in a form that allows identifying the subject of personal data. Personal data must be destroyed when the processing purposes are met. Personal data is deleted by deleting an account on the platform, after that the account cannot be restored.
1.11. Interaction with the federal executive authorities on processing and protection of personal data of subjects whose personal data is processed by the Provider shall be carried out under the laws of the Russian Federation.
1.12. The processing of personal data is automated and performed with the help of a special software module of the site https://getcourse.ru, which processes sections of data filled by users, and based on which the user gets his/her account created.
2. Persons responsible for processing personal data
2.1. The Provider is responsible for processing personal data.
2.2. The person responsible for processing personal data controls the processing of personal data and ensures that all provisions of this Policy related to his responsibility are implemented.
2.3. Duties of a person responsible for processing personal data:
2.3.1. He/she controls the compliance of the Provider's employees with the laws of the Russian Federation on personal data, including requirements for the protection of personal data.
2.3.2. He/she controls receiving and processing cases and requests of personal data subjects or their representatives.
2.3.3. He/she takes steps to detect unauthorized access to personal data.
2.3.4. He/she provides constant monitoring of the level of personal data security.
3. The procedure for ensuring the rights of the subject of personal data
3.1. Personal data subjects or their representatives have the rights provided for under the Federal Act of July 27, 2006, N 152-Fz "On Personal Data."
3.2. The Provider ensures the rights of personal data subjects under chapters 3 and 4 of the Federal Act of July 27, 2006, N 152-Fz "On Personal Data."
3.3. The information in section 7, art. 22 of the Federal Act of July 27, 2006, N 152-Fz "On personal data" is provided to the personal data subject or his/her representative in person or upon a request from the personal data subject or his/her representative. The request must contain the number of the main identification document of the personal data subject or his/her representative, information about the date of issue of the document and the issuing authority, information confirming the relationship of the personal data subject with the Provider (the number of the contract, the date of the contract, verbal reference and/or other information), or information that otherwise confirms the fact of processing personal data by the Provider, the signature of the personal data subject. If there is a technical possibility, the request can be sent in the form of an electronic document and signed electronically under the laws of the Russian Federation.
3.4. The right of the personal data subject to access his/her personal data may be restricted under federal laws.
3.5. The Provider is obliged to immediately stop processing personal data at the request of the personal data subject under section 1, art. 15, the Federal Act of July 27, 2006, N 152-Fz "On Personal Data."
3.6. The Provider is obliged to grant the personal data subject or his/her representative the opportunity to access personal data related to this personal data subject at the place of his/her location during working hours.
3.7. Upon the request of the personal data subject or his/her authorized representative, the Provider shall provide local acts of the Provider concerning the processing of personal data for review. Local regulations of the Provider are the Regulation on processing personal data of users of the GetCourse platform and the Regulation on the security of personal data of users of the GetCourse platform under art. 19, the Federal Act of July 27, 2006, N 152-Fz "On personal data."