Privacy Policy

1. General Provisions

This Personal Data Processing Policy is prepared in accordance with the requirements of Federal Law No. 152-FZ “On Personal Data” of 27.07.2006 (hereinafter – the Personal Data Law) and determines the procedure for processing personal data and measures to ensure the security of personal data undertaken by LLC "CN Open" (hereinafter – the Operator).

1.1. The Operator’s primary objective and condition for its activity is to respect human and citizen rights and freedoms when processing personal data, including protecting the right to privacy, personal and family secrets.

1.2. This Policy of the Operator regarding the processing of personal data (hereinafter – the Policy) applies to all information that the Operator may receive about visitors to the website https://www.cn-open.com/.

2. Basic Terms Used in the Policy2.1. Automated processing of personal data – processing using computer technology.

2.2. Blocking of personal data – temporary suspension of processing (except when processing is required to clarify the data).

2.3. Website – a set of graphic and information materials, software, and databases available at https://www.cn-open.com/.

2.4. Personal data information system – databases of personal data and IT tools enabling their processing.

2.5. Depersonalization – actions that make it impossible to identify personal data without additional information.

2.6. Processing of personal data – any action (operation) performed with personal data, including collection, recording, systematization, accumulation, storage, updating, retrieval, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, and destruction.

2.7. Operator – a state body, municipal body, legal or natural person organizing and/or carrying out processing of personal data.

2.8. Personal data – any information directly or indirectly relating to a specific User of https://www.cn-open.com/.

2.9. Personal data allowed for distribution – data made available by the subject through consent as defined by the Law.

2.10. User – any visitor of https://www.cn-open.com/.

2.11. Provision of personal data – disclosure of data to a specific person or group.

2.12. Distribution – disclosure to an unlimited number of persons, including publication and online posting.

2.13. Cross-border transfer – transfer of personal data to a foreign state or foreign persons.

2.14. Destruction – irreversible actions leading to elimination of personal data.

3. Operator’s Rights and Obligations

Rights:

Obtain accurate data/documents from the subject.
Continue processing without consent where allowed by law.
Independently define measures for compliance.

Obligations:

Provide subjects with information on processing.
Organize processing in compliance with Russian law.
Respond to requests from subjects and regulators.
Publish and maintain public access to this Policy.
Take measures to protect personal data.
Cease processing and destroy data when required.

4. Rights and Obligations of Data Subjects

Rights:

Receive information about processing.
Request updates, blocking, or deletion of inaccurate/outdated data.
Require consent for marketing processing.
Withdraw consent and demand cessation of processing.
Complain to authorities or court about unlawful actions.

Obligations:

Provide accurate personal data.
Inform about updates/changes.

Persons providing false data are liable under Russian law.

5. Principles of Processing

Legality and fairness.
Processing limited to lawful, specific purposes.
No incompatible database merging.
Only relevant, sufficient data processed.
Data must be accurate, updated when necessary.
Storage limited to the period needed for processing goals.
6. Purposes of Processing
Providing User access to services, information, and website materials.
Informing Users by email.

Personal data processed: full name, email, phone numbers.

Legal basis: Federal Law No. 149-FZ “On Information, Information Technologies, and Protection of Information.”

Types of processing: collection, recording, systematization, storage, deletion, depersonalization, feedback.

7. Conditions of Processing

Processing may occur:

With the User’s consent.
To fulfill obligations under Russian law or international agreements.
To execute judicial acts.
To perform contracts with the subject.
To protect Operator’s or third parties’ rights/interests.
For public interest purposes under Russian law.
For publicly available data.
Where mandatory disclosure is required by law.
8. Collection, Storage, Transfer and Processing
Security ensured by legal, organizational, technical measures.
Data never transferred to third parties without legal grounds or consent.
User may update data via email: trade@cn-open.com (“Update of personal data”).
Processing period: until purposes achieved or consent withdrawn (via trade@cn-open.com with note “Withdrawal of consent”).
Third-party services (payment systems, telecoms, etc.) process data under their own agreements; Operator not liable for their actions.
Operator ensures confidentiality.
Data stored no longer than necessary.
Processing ceases when goals achieved, consent expired/withdrawn, or unlawful processing found.

9. Actions with Personal Data

Operator collects, records, systematizes, stores, updates, retrieves, uses, transfers, depersonalizes, blocks, deletes, and destroys personal data, including automated processing.

10. Cross-Border Transfer

Before cross-border transfer, Operator must notify the Russian authority on personal data protection and obtain necessary confirmations from foreign recipients.

11. Confidentiality

Operator and persons with access must not disclose personal data to third parties without consent unless required by law.

12. Final Provisions

User may request clarifications by emailing trade@cn-open.com.
Changes to this Policy will be reflected in this document.
Policy is valid indefinitely until replaced.
Current version is publicly available at: https://www.cn-open.com/privacy