1. General Provisions
This Personal Data Processing Policy has been drawn up in accordance with the requirements of Federal Law No. 152-FZ of July 27, 2006 "On Personal Data" (hereinafter referred to as the Personal Data Law) and defines the procedure for processing personal data and measures to ensure the security of personal data undertaken by Marin Prof (hereinafter referred to as the Operator).
1.1. The Operator considers the observance of human and civil rights and freedoms in the processing of personal data, including the protection of the right to privacy, personal and family secrets, as the most important goal and condition for carrying out its activities.
1.2. This Policy of the Operator regarding the processing of personal data (hereinafter referred to as the Policy) applies to all information that the Operator may receive about visitors to the website namca-ru.org.
1.3. Third-party messengers such as Telegram and WhatsApp may be used as communication methods on our website. When clicking on the respective links to contact us via these messengers, the User consents to the processing of personal data in accordance with this Policy. Processing may include the transmission of technical information to the respective communication services.
2. Key Terms Used in the Policy
2.1. Automated processing of personal data — processing of personal data using computer technology.
2.2. Blocking of personal data — temporary suspension of personal data processing (except in cases where processing is necessary to clarify the personal data).
2.3. Website — a collection of graphic and information materials, as well as software and databases, which ensure their availability on the Internet at the network address namca-ru.org.
2.4. Information system of personal data — a set of personal data contained in databases and information technologies and technical means that ensure their processing.
2.5. Depersonalization of personal data — actions as a result of which it becomes impossible to determine, without the use of additional information, whether personal data belongs to a specific User or another personal data subject.
2.6. Processing of personal data — any action (operation) or set of actions (operations) performed with or without the use of automation tools with personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, modification), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction of personal data.
2.7. Operator — a government authority, municipal body, legal entity, or individual who independently or jointly with others organizes and/or performs the processing of personal data, as well as determines the purposes of personal data processing, the composition of personal data to be processed, and the actions (operations) performed with personal data.
2.8. Personal data — any information relating directly or indirectly to a specific or identifiable User of the namca-ru.org website.
2.9. Personal data authorized by the subject of personal data for distribution — personal data to which an unlimited number of people have access, provided by the subject of personal data by giving consent for processing in accordance with the procedure provided for by the Personal Data Law.
2.10. User — any visitor to the namca-ru.org website.
2.11. Provision of personal data — actions aimed at disclosing personal data to a specific person or a specific circle of persons.
2.12. Distribution of personal data — any actions aimed at disclosing personal data to an indefinite circle of persons (transfer of personal data) or at making personal data available to an unlimited number of persons, including publication in the media, placement in information and telecommunication networks, or providing access to personal data by any other means.
2.13. Cross-border transfer of personal data — transfer of personal data to the territory of a foreign state to an authority of a foreign state, a foreign individual, or a foreign legal entity.
2.14. Destruction of personal data — any actions resulting in the irreversible destruction of personal data with the impossibility of further recovery of the content of personal data in the personal data information system and/or the destruction of tangible media containing personal data.
3. Main Rights and Obligations of the Operator
3.1. The Operator has the right to:
- receive from the personal data subject reliable information and/or documents containing personal data;
- continue processing personal data without the consent of the personal data subject if there are legal grounds specified in the Personal Data Law, even in case of withdrawal of consent;
- independently determine the composition and list of measures necessary and sufficient to ensure compliance with the obligations provided by the Personal Data Law and other regulatory legal acts, unless otherwise stipulated by the law.
3.2. The Operator must:
- provide the personal data subject with information regarding the processing of their personal data upon request;
- organize the processing of personal data in accordance with the current legislation of the Russian Federation;
- respond to inquiries and requests from personal data subjects and their legal representatives;
- provide necessary information to the authorized body for the protection of personal data subjects’ rights within 10 days from the date of receiving such request;
- publish or otherwise provide unrestricted access to this Policy regarding the processing of personal data;
- take legal, organizational and technical measures to protect personal data from unauthorized or accidental access, destruction, modification, blocking, copying, provision, dissemination, as well as other unlawful actions;
- stop the transmission (distribution, provision, access) of personal data, terminate processing and destroy personal data in cases and in the manner provided for by the Personal Data Law;
- fulfill other obligations stipulated by the Personal Data Law.
4. Main Rights and Obligations of Personal Data Subjects
4.1. Personal data subjects have the right to:
- receive information regarding the processing of their personal data, except in cases provided by federal laws. The information must be provided in an accessible form and must not include personal data related to other subjects, unless there are legal grounds for disclosing such data;
- demand clarification, blocking, or destruction of their personal data if it is incomplete, outdated, inaccurate, unlawfully obtained, or unnecessary for the stated purpose of processing, as well as to take legal measures to protect their rights;
- require prior consent for the processing of personal data for the purpose of marketing goods, works, and services;
- withdraw consent for the processing of personal data, and send a request to stop processing their data;
- appeal to the authorized body for the protection of personal data subjects’ rights or to the court against unlawful acts or omissions by the Operator when processing personal data;
- exercise other rights provided by Russian legislation.
4.2. Personal data subjects must:
- provide the Operator with accurate information about themselves;
- notify the Operator of any updates or changes to their personal data.
4.3. Individuals who provide false information about themselves or about another subject without their consent are liable according to the legislation of the Russian Federation.
5. Principles of Personal Data Processing
5.1. The processing of personal data must be lawful and fair.
5.2. Processing must be limited to achieving specific, predefined, and lawful purposes. Processing incompatible with these purposes is not allowed.
5.3. The combination of databases containing personal data processed for incompatible purposes is not allowed.
5.4. Only personal data that meets the processing purposes may be processed.
5.5. The content and volume of processed personal data must correspond to the declared purposes. Excessive personal data processing is not permitted.
5.6. Personal data must be accurate, sufficient, and, when necessary, up to date. The Operator must take necessary measures to delete or clarify incomplete or inaccurate data.
5.7. Personal data must be stored in a way that allows identifying the data subject no longer than required for the purpose of processing, unless a longer period is required by federal law or a contract. Upon achieving the processing purposes or if these purposes are no longer needed, the data must be destroyed or anonymized, unless otherwise provided by law.
6. Purposes of Personal Data Processing
Purpose of processing: Informing the User via email.
Personal data: surname, name, patronymic; email address; phone numbers; date and place of birth; photographs.
Legal basis: Operator’s charter documents; contracts concluded between the Operator and the data subject.
Types of processing: collection, recording, systematization, accumulation, storage, destruction, anonymization of personal data; sending informational emails.
Additional channels: Processing of technical data when switching to third-party messengers (Telegram, WhatsApp) to contact the Operator.
7. Conditions for Personal Data Processing
7.1. Personal data processing is carried out with the consent of the data subject.
7.2. Processing is required to achieve goals provided by international treaties of the Russian Federation or by law, to fulfill functions, powers, and duties imposed on the Operator.
7.3. Processing is necessary for the administration of justice, enforcement of a judicial act or an act of another authority or official.
7.4. Processing is necessary for the performance of a contract involving the data subject, including contracts made at the initiative of the subject or where the subject is a beneficiary or guarantor.
7.5. Processing is necessary to protect the rights and legitimate interests of the Operator or third parties, or to achieve socially significant objectives, provided that this does not violate the rights and freedoms of the data subject.
7.6. Processing is carried out for personal data that is publicly available or made so by the data subject.
7.7. Processing is performed for data required to be disclosed or published in accordance with federal law.
8. Procedure for Collection, Storage, Transfer and Other Types of Personal Data Processing
The Operator ensures the security of personal data by implementing legal, organizational, and technical measures in compliance with current legislation on personal data protection.
8.1. The Operator ensures the confidentiality and safety of personal data and prevents unauthorized access.
8.2. Personal data will not be shared with third parties unless required by law or with the data subject’s consent for fulfilling contractual obligations.
8.3. Users may update their personal data by sending an email to
8.4. The duration of processing is determined by the purpose for which the data was collected, unless otherwise specified by contract or law. Consent may be withdrawn by emailing the Operator with the subject "Withdrawal of consent for personal data processing".
8.5. Information collected by third-party services (e.g., payment systems, communication tools) is stored and processed by those services in accordance with their user agreements and privacy policies. The Operator is not responsible for third-party actions.
8.6. Restrictions set by the data subject regarding transfer, processing, or conditions of processing of public personal data do not apply in cases where the data is processed for state, public, or other legally significant purposes.
8.7. The Operator ensures confidentiality in all personal data processing.
8.8. Personal data is stored in a way that allows identifying the subject for no longer than needed unless otherwise required.
8.9. Processing may cease upon achieving the goal, expiration of consent, withdrawal of consent, or discovery of unlawful processing.
9. List of Actions Performed by the Operator with Collected Personal Data
9.1. The Operator performs the collection, recording, systematization, accumulation, storage, clarification (updating, modification), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, and destruction of personal data.
9.2. The Operator carries out automated processing of personal data with the receipt and/or transfer of the obtained data via information and telecommunication networks or without such.
10. Cross-Border Transfer of Personal Data
10.1. Before initiating the cross-border transfer of personal data, the Operator must notify the authorized body for the protection of the rights of personal data subjects about its intention (this notification is separate from the general notification on processing personal data).
10.2. Before sending the above notification, the Operator must obtain the necessary information from foreign authorities, individuals, or legal entities to which the data will be transferred.
11. Confidentiality of Personal Data
The Operator and any other person who has gained access to personal data must not disclose or distribute the personal data to third parties without the consent of the data subject, unless otherwise required by federal law.
12. Final Provisions
12.1. The User may obtain any clarification on questions related to the processing of their personal data by contacting the Operator via email at
12.2. Any changes to this Policy will be reflected in this document. The Policy is valid indefinitely until replaced with a new version.
12.3. The current version of the Policy is available on the Internet at namca-ru.org/en/privacy-policy