1.1. This Policy of the Branch of the Association "Association of International Pharmaceutical Manufacturers" (Switzerland) (hereinafter referred to as the "Association") regarding the processing of personal data (hereinafter referred to as the Policy) has been developed in pursuance of the requirements of clause 2, part 1 of Art. 18.1 of the Federal Law of 27.07.2006 N 152-FZ "On Personal Data" (hereinafter referred to as the Law on Personal Data) in order to ensure the protection of human and civil rights and freedoms when processing his personal data.
1.2. The Policy applies to all personal data processed by the Branch of the Association "Association of International Pharmaceutical Manufacturers" (Switzerland) (hereinafter referred to as the Operator).
1.3. The Policy applies to relations in the field of personal data processing that arose with the Operator both before and after the approval of this Policy.
1.4. In pursuance of the requirements of the Law on Personal Data, this Policy is published in free access on the information and telecommunications network Internet on the Operator's website.
1.5. The basic concepts used in the Policy:
1.5.1 Personal data - any information relating directly or indirectly to a specific or identifiable individual (subject of personal data);
1.5.2 Processing personal data - any action (operation) or a set of actions (operations) with personal data performed with the use of automation tools or without their use;
1.5.3 Blocking of personal data - temporary termination of the processing of personal data (except cases when processing is necessary to clarify personal data);
1.5.4 Destruction of personal data - actions as a result of which it becomes impossible to restore the content of personal data in the personal data information system and (or) as a result of which material carriers of personal data;
1.5.5 Anonymization of personal data - actions as a result of which it becomes impossible without the use of additional information - the ownership of personal data by a specific subject of personal data;
1.5.6 Personal data information system - a set of personal data contained in databases and information technologies and technical means ensuring their processing;
1.6 ... Basic rights and obligations of the Operator.
1.6.1. The operator has the right to:
1) independently determine the composition and list of measures necessary and sufficient to ensure the fulfillment of the obligations provided for by the Law on Personal Data and regulatory legal acts adopted in accordance with it, unless otherwise provided by the Law on Personal data or other federal laws;
2) entrust the processing of personal data to another person with the consent of the subject of personal data, unless otherwise provided by federal law, on the basis of an agreement concluded with this person. The person who processes personal data on behalf of the Operator is obliged to comply with the principles and rules for processing personal data provided for by the Law on Personal Data;
3) if the subject of personal data withdraws consent to the processing of personal data, the Operator has the right to continue processing personal data. data without the consent of the subject of personal data if there are grounds specified in the Law on Personal Data.
1.6.2. The operator is obliged to:
1) organize the processing of personal data in accordance with the requirements of the Law on Personal Data;
2) respond to requests and inquiries from subjects of personal data and their legal representatives in accordance with the requirements Of the Law on Personal Data;
3) report to the authorized body for the protection of the rights of subjects of personal data (Federal Service for Supervision of Communications, Information Technology and Mass Media (Roskomnadzor)), at the request of this body, the necessary information within 30 days from the date of receipt of such a request.
1.7. Basic rights and obligations of the personal data subject.
1) The subject of personal data has the right to receive information regarding the processing of his personal data, with the exception of cases provided for by federal laws. The information is provided to the subject of personal data by the Operator in an accessible form, and it should not contain personal data relating to other subjects of personal data, unless there are legal grounds for disclosing such personal data. The list of information and the procedure for obtaining it is established by the Law on Personal Data;
2) The subject of personal data has the right to require the operator to clarify his personal data, block or destroy them if the personal data is incomplete, outdated, inaccurate or are not necessary for the stated purpose of processing, as well as to take measures prescribed by law to protect their rights;
3)The personal data subject has the right to appeal to Roskomnadzor or in court against the unlawful actions or inaction of the Operator when processing his personal data.
4) The personal data subject has the right to demand from the Operator to provide the subject with access to his Personal data, making amendments into such data, restricting access to them and their deletion, as well as ensuring the possibility of the movement of Personal Data. Such requirements can be sent to the Operator at: email@example.com .
5) Personal data subject is responsible for ensuring the relevance and reliability of his data when they are provided to the Operator, as well as in cases where the functionality of the Operator's services allows the subject of Personal Data to update his data.
6) In case of transferring personal data of a third party to the Operator, the Personal Data Subject confirms and guarantees that he/she has received the consent of the third party for such transfer in accordance with the current legislation of the Russian Federation.
7) The subject of personal data should periodically check this Policy for subject to any changes.
1.8. Control over the implementation of the requirements of this Policy is carried out by an authorized person responsible for organizing the processing of personal data at the Operator.
1.9. Responsibility for violation of the requirements of the legislation of the Russian Federation and the normative acts of the Operator in the field of processing and protection of personal data is determined in accordance with the legislation of the Russian Federation.
Purpose of processing personal data
2.1 The processing of personal data by the Operator is carried out for the following purposes:
1) Registration for participation in events in person or through a representative.
2) Maintaining a database of contact information, including in order to inform about future events and events. The personal data subject has the right to revoke his consent to the processing of personal data by sending an email to the address: firstname.lastname@example.org .
3) Processing of personal data when sending a request to the Operator.
4) Functioning of the online training on the AIPM Code, containing the personal data of personal data subjects in an impersonal form for the Operator.
5) Registration of the personal data subject on the Association website.
6) Conducting surveys and research.
7) Sending newsletters.
2.2 All Personal Data will be used only for the specified purposes and will not be sold or transferred to third parties otherwise than in compliance with these goals. All personal data will be deleted after such a basis for data storage is no longer valid.
3.1 The operator has the right to transfer personal data for the above purposes :
1) service providers in connection with the operation of this website, including hosting the site, providing technology-related services and distributing information materials; or
2) government officials, regulatory officials or other law enforcement and court officials in accordance with the procedure established by law or based on the requirements of a binding order; or
3) members of the Association and partners within the framework of the Operator's activities in connection with the purposes for which personal data was collected.
4.1 The Operator takes appropriate technical, physical and organizational measures to protect Personal Data from their unexpected or illegal destruction or unforeseen loss, alteration, unauthorized disclosure or access to such Personal Data, taking into account that any information security system cannot guarantee the absolute security of personal data.
5.1 The Operator takes all necessary steps to ensure the integrity of the processed Personal data for the purposes for which they are are used, as well as to ensure that Personal Data is reliable, complete and up-to-date.
Storage of Personal Data
6.1 The Operator stores Personal Data as long as it is required by applicable law, or as long as it is necessary for the purpose (s) of their processing.
Changes to this Policy
7.1 If the Operator makes any significant changes to this Policy, the Operator publishes an updated link on the Operator's website page indicating the date of the last update.
Other Internet resources
The rules and procedures for the protection of personal data specified in this Policy are intended solely for use on the Operator's website and in the framework of other specified activities of the Operator. Other websites hosted on third party servers may apply different policies and procedures. If you follow a link to such a website or otherwise visitIf you visit any other website operated by third parties, the Operator is not responsible for the policies, rules and procedures applied by third parties.
If the subject of personal data has any questions regarding this
Policy, please contact: email@example.com
Personal data processing policy dated April 14, 2022