Узнайте об изменениях в проведении экспортной импортной деятельности в условиях COVID-19
Этот сайт использует файлы cookie с целью повышения производительности сайта и улучшения качества обслуживания. Personal data processing policy

    Personal data processing policy

    Policy regarding the processing of personal data in JSC “Agency for Foreign Economic Affairs”
    CHAPTER 1
    General provisions

    1. This Personal Data Processing Policy (hereinafter referred to as the Policy) has been prepared in pursuance of the requirements of the Law of the Republic of Belarus dated May 7, 2021 No. 99-Z “On the Protection of Personal Data” (hereinafter referred to as the Law) and defines measures to ensure the protection and security of personal data accepted by JSC "Agency for Foreign Economic Affairs" (hereinafter referred to as the Agency).

    2. The policy applies to all personal data processing processes that the Agency receives about the subject of personal data, and the structural units that process them.

    3. The purpose of the Policy is to ensure proper protection of personal data from unauthorized access and disclosure, respect for the rights and freedoms of a citizen when processing his personal data, including ensuring the protection of the rights to privacy, personal and family secrets.

    4. By transferring personal data to the Agency, including through the Internet resources of the Agency, the subject of personal data confirms his consent to the processing of relevant information on the terms set forth in the Policy.

    5. The following main terms and their definitions are used in the Policy:

    blocking personal data - stopping access to personal data without deleting it;

    Internet resource - a website, website page, web portal, blog, chat, application for a mobile device and other resources connected to the Internet;

    depersonalization of personal data - actions, as a result of which it becomes impossible to determine the ownership of personal data by a specific subject of personal data without the use of additional information;

    processing of personal data - any action or set of actions performed with personal data, including the collection, systematization, storage, modification, use, depersonalization, blocking, distribution, provision, deletion of personal data;

    personal data - any information relating to an identified natural person or an identifiable natural person;

    provision of personal data - actions aimed at familiarizing with the personal data of a certain person or circle of persons;

    dissemination of personal data - actions aimed at familiarizing with personal data of an indefinite circle of persons;

    services - any services, products, programs, events, services of the Agency;

    special personal data - personal data relating to race or nationality, political opinions, membership in trade unions, religious or other beliefs, health or sexual life, administrative or criminal liability, as well as biometric and genetic personal data;< /p>

    subject of personal data - an individual in respect of whom the processing of personal data is carried out;

    deletion of personal data - actions, as a result of which it becomes impossible to restore personal data in information resources (systems) containing personal data, and (or) as a result of which material carriers of personal data are destroyed;

    an individual who can be identified - an individual who can be directly or indirectly identified, in particular through the surname, first name, patronymic, date of birth, identification number, or through one or more features characteristic of his physical, psychological , mental, economic, cultural or social identity.

    Other terms and their definitions used in the Policy are used in the meanings determined by law.

    CHAPTER 2
    Basic principles of personal data processing

    6. The processing of personal data is carried out on the basis of the following principles:

    is carried out with the consent of the subject of personal data, with the exception of cases established by law. The subject of personal data consents to the processing of personal data for an indefinite period, unless otherwise provided by law;

    is limited to achieving specific, pre-declared legitimate purposes. It is not allowed to process personal data that is incompatible with the originally stated purposes of their processing;

    The content and scope of the processed personal data must correspond to the stated purposes of their processing. The personal data being processed should not be excessive in relation to the stated purposes of their processing;

    when processing personal data, their accuracy, sufficiency, and, if necessary, relevance in relation to the stated purposes of processing are ensured;

    must be transparent. For these purposes, the subject of personal data, in cases provided for by the Law, is provided with relevant information regarding the processing of his personal data;

    storage of personal data is carried out in a form that allows to identify the subject of personal data no longer than the stated purposes of processing personal data require, if the period of storage of personal data is not established by law, an agreement to which the subject of personal data is a party.

    7. Personal data is subject to destruction or depersonalization upon achievement of the purposes of processing or in case of loss of the need to achieve these purposes, unless otherwise provided by law.

    CHAPTER 3
    Purposes of personal data processing

    8. The purposes of processing personal data by the Agency are:

    conclusion of any types of contracts with personal data subjects and their subsequent execution;

    use of personal data for advertising and marketing purposes, including sending notifications, commercial offers, information and advertising mailings related to the services of the Agency to the subject of personal data;

    processing messages and requests received from the subject of personal data;

    analysis of the work of the Agency's Internet resources and services, including through surveys and other studies;

    providing the Agency services to the subject of personal data;

    conducting personnel work and organizing the accounting of employees by the Agency, including attracting and selecting candidates for work in the Agency;

    maintaining individual (personalized) records of insured persons;

    maintenance of military records;

    accounting and tax accounting;

    calculation and transfer of wages, appointment and payment of benefits;

    filling in and submitting the required reporting forms to state bodies and other authorized organizations;

    processing of personal data for the purpose of assigning pensions;

    carrying out business activities;

    processing other requests and requests received from personal data subjects;

    Fulfillment of other duties (powers) provided for by legislative acts.

    CHAPTER 4
    Categories of personal data subjects and the list of personal data processed by the agency

    9. The Agency may process personal data of the following personal data subjects:

    job candidates, employees of the Agency, including former employees, their spouses and close relatives;

    persons who are candidates for the managerial personnel reserve;

    Persons who are not employees of the Agency, when processing award documents of the Agency;

    students, other persons who arrived at the Agency for practice, internships;

    counterparties are individuals, including potential ones (under contracts);

    representatives of potential counterparties;

    visitors of Internet resources and users of the Agency's services;

    Persons who provided personal data to the Agency in another way.

    10. The personal data processed by the Agency include:

    last name, first name, patronymic;

    floor;

    day, month and year of birth;

    identification data;

    passport data;

    place of birth;

    place of residence (place of stay);

    place of work, position;

    postal address;

    email;

    digital photo portrait;

    data:

    about citizenship;

    about registration at the place of residence and (or) place of stay;

    about the death or declaration of an individual as deceased, recognition as missing, incapacitated, partially incapacitated;

    about parents, guardians, trustees, marital status, spouse, child (children) of an individual;

    about education, academic degree, academic title;

    about occupation;

    on pensions, monthly maintenance under the legislation on public service, monthly insurance payment on compulsory insurance against industrial accidents and occupational diseases;

    about tax liabilities;

    on the performance of military duty;

    about disability;

    on the presence of enforcement proceedings on execution in the enforcement bodies;

    social insurance certificates;

    about the taxpayer account number;

    about the numbers of work, home (landline) and mobile phones and other methods of communication.

    11. The agency may process the following technical information:

    IP address;

    information from the browser;

    data from cookies.

    address of the requested page;

    history of requests and views on the Agency's Internet resources.

    12. The Agency processes special personal data only with the consent of the subject of personal data or without consent in cases provided for by law.

    CHAPTER 5
    Basic rights and obligations of the agency

    13. The agency has the right to:

    receive reliable information and (or) documents containing personal data from the subject of personal data;

    request from the subject of personal data information about the relevance and reliability of the provided personal data;

    if the subject of personal data withdraws consent to the processing of personal data, continue processing personal data if there are grounds specified in the Law;

    if necessary, to achieve the purposes of processing personal data, transfer them to third parties in compliance with the requirements of the law;

    to independently determine the composition and list of measures necessary and sufficient to ensure the fulfillment of the obligations provided for by the Law and the regulatory legal acts adopted in accordance with it, unless otherwise provided by the Law.

    14. The agency must:

    explain to the subject of personal data his rights related to the processing of personal data;

    obtain the consent of the subject of personal data to the processing of personal data, except as provided by the Law and other legislative acts;

    ensure the protection of personal data during their processing;

    provide the subject of personal data with information about his personal data, as well as about the provision of his personal data to third parties, except as provided by the Law and other legislative acts;

    make changes to personal data that are incomplete, outdated or inaccurate, unless a different procedure for making changes to personal data is established by legislative acts or if the purposes of processing personal data do not imply subsequent changes to such data;

    stop the processing of personal data, as well as delete or block them (ensure the termination of the processing of personal data, as well as their removal or blocking by an authorized person) in the absence of grounds for the processing of personal data provided for by the Law and other legislative acts;

    notify the National Center for the Protection of Personal Data of the Republic of Belarus (hereinafter referred to as the NCPDP) of violations of personal data protection systems immediately, but no later than three working days after the operator became aware of such violations, except as provided by the NCPDP;

    change, block or delete inaccurate or illegally obtained personal data of the personal data subject at the request of the NCPDP, unless a different procedure for making changes to personal data, blocking or deleting them is established by legislative acts;

    to comply with other requirements of the NCPDP on the elimination of violations of the legislation on personal data;

    perform other duties stipulated by the Law and other legislative acts.

    CHAPTER 6
    Basic rights and obligations of the subject of personal data

    15. The subject of personal data has the right:

    to receive information regarding the processing of his personal data;

    receive information from the Agency about the provision of your personal data to third parties on the terms determined by the Law;

    get any clarifications on issues of interest regarding the processing of his personal data by contacting the Agency via e-mail;

    withdraw consent to the processing of personal data;

    appeal to the NCPDP or in court against illegal actions or inaction of the Agency in the processing of personal data;

    require from the Agency:

    change his personal data if the personal data is incomplete, outdated or inaccurate;

    free termination of the processing of their personal data, including their deletion, in the absence of grounds for the processing of personal data provided for by the Law and other legislative acts;

    exercising other rights provided by law.

    16. The subject of personal data is obliged to:

    provide the Agency with reliable data about yourself;

    inform the Agency about the clarification (update, change) of their personal data. Persons who have provided the Agency with false information about themselves or information about another subject of personal data without the consent of the latter are liable in accordance with the legislation of the Republic of Belarus.

    CHAPTER 7
    Final Provisions

    17. The Agency and other persons who have gained access to personal data are obliged not to disclose to third parties and not to distribute personal data without the consent of the subject of personal data, unless otherwise provided by the Law.

    18. The security of personal data processed by the Agency is ensured through the implementation of legal, organizational and technical measures necessary to fully comply with the requirements of legislation in the field of personal data protection.

    19. The policy comes into force from the day it is approved.

    20. The Agency has the right to change the Policy unilaterally without prior approval and subsequent notification of the subject of personal data.

    21. Issues related to the processing of personal data that are not enshrined in the Policy are regulated by law.

    Site map
    Anti-corruption
    Обращения граждан и юридических лиц
    Personal data processing policy
    Разработка сайта