Privacy Policy for the Processing of Personal Data
1. General Provisions This privacy policy for the processing of personal data (hereinafter referred to as the "Policy") has been drafted in accordance with the Federal Law No. 152-FZ dated July 27, 2006 "On Personal Data" (as amended, hereinafter the "Personal Data Law"), as well as other regulatory legal acts of the Russian Federation concerning the processing and protection of personal data. It defines the procedures for processing personal data and the measures taken by LLC "GrandLog" (hereinafter referred to as the "Operator") to ensure their security.
1.1. The Operator considers the observance of human and civil rights and freedoms in the processing of personal data, including the protection of the right to privacy, personal and family secrets, as its paramount objective and condition for conducting its activities.
1.2. This Policy applies to all information that the Operator may obtain about visitors to the website https://grand-log.ru.
1.3. This Policy considers the types of economic activities carried out, including those within the following Russian Classification of Economic Activities (OKVED) codes:
· 52.29;
· 49.10;
· 49.20;
· 49.20.1;
· 49.20.9;
1.4. Contact for Personal Data Processing
Responsible for the organization of personal data processing: Anton Vitalievich Dudin E-mail: Customs@grand-log.ru Phone: +7 994 009-10-09 Postal address: 690034, Primorsky Krai, Vladivostok, Fadeeva St., 47A, Office 403/1
2. Key Terms Used in the Policy
2.1. Automated processing of personal data: processing of personal data using computer technology.
2.2. Blocking of personal data: temporary cessation of personal data processing (except in cases where processing is necessary to clarify personal data).
2.3. Website: a collection of graphic and information materials, as well as computer software and databases ensuring their availability on the internet at https://grand-log.ru. 2.4. Personal data information system: a set of personal data contained in databases and the technologies and tools used to process them.
2.5. Anonymization of personal data: actions that make it impossible to identify a specific User or other data subject without the use of additional information.
2.6. Processing of personal data: any operation or set of operations performed with or without the use of automation tools on personal data, including collection, recording, systematization, accumulation, storage, updating, retrieval, use, transfer (distribution, provision, access), anonymization, blocking, deletion, and destruction of personal data. 2.7. Operator: a state or municipal authority, legal or natural person who independently or jointly with others organizes and/or performs the processing of personal data, as well as determines the purposes of processing, the composition of the personal data to be processed, and the operations performed on the data.
2.8. Personal data: any information relating directly or indirectly to an identified or identifiable User of the website https://grand-log.ru.
2.9. Personal data permitted for dissemination by the data subject: personal data made publicly available by the data subject through consent in accordance with the Personal Data Law.
2.10. User: any visitor to the website https://grand-log.ru.
2.11. Provision of personal data: actions aimed at disclosing personal data to a specific person or group.
2.12. Dissemination of personal data: actions aimed at disclosing personal data to an indefinite group, including publication in media, placement in information networks, or otherwise granting access.
2.13. Cross-border transfer of personal data: transfer of personal data to a foreign state authority, foreign individual, or foreign legal entity.
2.14. Destruction of personal data: actions resulting in the irreversible elimination of personal data with the impossibility of restoration.
2. Rights and Obligations of the Operator
3.1. The Operator has the right to:
· request accurate information and/or documents from the data subject;
· continue processing personal data without consent in cases provided by the Personal Data Law;
· determine the list and scope of measures necessary to fulfill its obligations under the Personal Data Law.
3.2. The Operator is obliged to:
· provide data subjects with information about the processing of their data;
· organize data processing in accordance with the applicable laws;
· respond to inquiries from data subjects and their representatives;
· notify the authorized body for personal data protection upon request;
· publish or provide unrestricted access to this Policy;
· implement legal, organizational, and technical measures to protect personal data;
· stop processing and destroy personal data in cases prescribed by law;
· perform other duties as defined by the Personal Data Law.
4. Rights and Obligations of Personal Data Subjects:
4.1. Data subjects have the right to:
· obtain information about the processing of their data (except where otherwise provided by law);
· demand the rectification, blocking, or destruction of their data if it is incomplete, outdated, inaccurate, illegally obtained, or not necessary for processing purposes;
· request prior consent for processing data for marketing purposes;
· withdraw consent or request termination of processing;
· lodge complaints with the data protection authority or courts;
· exercise other rights provided by Russian law.
4.2. Data subjects are obliged to:
· provide accurate information;
· inform the Operator about updates to their personal data.
4.3. Persons providing false data or information about others without consent are liable under Russian law.
4.4. Response time to inquiries: The Operator acknowledges receipt of a request within 10 calendar days and provides a full response no later than 30 calendar days.
5. Principles of Personal Data Processing
5.1. Lawfulness and fairness.
5.2. Data processing is limited to achieving lawful, specific goals.
5.3. Incompatibility of purposes prohibits combining databases.
5.4. Only data relevant to processing purposes may be processed.
5.5. The scope of data must correspond to processing goals and must not be excessive. 5.6. Accuracy and relevance must be ensured; incomplete or inaccurate data must be deleted or updated.
5.7. Data storage duration must not exceed the time necessary to fulfill the processing goals, unless otherwise required by law or contract. Data is destroyed or anonymized once no longer needed.
6. Purposes of Data Processing
6.1. Purposes include:
· sending information via email;
· conclusion and execution of contracts for sale and services;
· organizing deliveries;
· providing technical support;
· maintaining statistics and analytics;
· handling incoming requests and communication via phone, email, or messenger;
· sending marketing messages with the User's consent.
6.2. Personal data includes:
· full name;
· email address;
· phone numbers;
· delivery address and payment details necessary for contract fulfillment.
6.3. Legal grounds: Federal Law No. 152-FZ, Federal Law No. 149-FZ, Federal Law No. 38-FZ, and other regulations.
6.4. Data processing includes collection, recording, systematization, accumulation, storage, destruction, and anonymization.
7. Conditions for Data Processing
7.1–7.7. Personal data is processed with the subject's consent, for legal obligations, judicial acts, contract execution, public interest, or dissemination allowed by the data subject.
7.8. Consent is granted by actions such as:
· registration on the website;
· social media authorization;
· feedback form submission;
· newsletter subscription;
· review submission;
· contract conclusion.
7.9. Messengers (WhatsApp, Telegram) are communication tools only, not used for data processing.
7.10. External storage links (e.g., Google Drive) do not process personal data via the website; responsibility lies with the platform owners.
7.11. Notification to Roskomnadzor of data breaches: Initial notification within 24 hours, extended report within 72 hours.
8. Data Handling Procedure
8.1. Security measures include legal, organizational, and technical controls.
8.2. Personal data is not shared with third parties unless required by law or contract.
8.3. Users may update their data via email with the subject "Update of personal data." 8.4. Data is processed for as long as necessary for stated purposes unless otherwise stipulated by law or contract. Users may revoke consent by emailing with the subject "Withdrawal of consent."
8.5. Data collected by third-party services is governed by their own policies; the Operator is not responsible for their actions.
8.6. Restrictions on dissemination do not apply when data is processed in public interest.
8.7. Confidentiality is maintained throughout data processing.
8.8. Data is stored no longer than necessary for processing purposes.
8.9. Processing ends upon purpose fulfillment, consent expiration or withdrawal, or unlawful processing.
8.10. Localization of data storage: Primary recording, storage, and updating of Russian citizens' data occurs on servers located within the Russian Federation. Cross-border transfer is allowed only after local storage and anonymization.
9. Operator's Data Processing Activities 9.1. The Operator collects, records, systematizes, accumulates, stores, updates, retrieves, uses, transfers, anonymizes, blocks, deletes, and destroys personal data. 9.2. Automated data processing may involve information exchange over networks. 9.3. Data destruction procedure: (a) destruction report; (b) deletion from systems; (c) physical destruction of paper copies; (d) report signed by two authorized employees.
10. Cross-Border Data Transfer
10.1. The Operator must notify the data protection authority before cross-border data transfer.
10.2. Before notification, the Operator must verify the recipient's ability to protect personal data.
11. Data Confidentiality
The Operator and others with access to personal data must not disclose or share it without the subject's consent unless required by law.
12. Final Provisions
12.1. Users may contact the Operator at Customs@grand-log.ru with any inquiries.
12.2. Changes to the Policy will be reflected in this document. The Policy is valid indefinitely until replaced.
12.3. The current version of the Policy is available online at https://grand-log.ru/privacy.
1.1. The Operator considers the observance of human and civil rights and freedoms in the processing of personal data, including the protection of the right to privacy, personal and family secrets, as its paramount objective and condition for conducting its activities.
1.2. This Policy applies to all information that the Operator may obtain about visitors to the website https://grand-log.ru.
1.3. This Policy considers the types of economic activities carried out, including those within the following Russian Classification of Economic Activities (OKVED) codes:
· 52.29;
· 49.10;
· 49.20;
· 49.20.1;
· 49.20.9;
1.4. Contact for Personal Data Processing
Responsible for the organization of personal data processing: Anton Vitalievich Dudin E-mail: Customs@grand-log.ru Phone: +7 994 009-10-09 Postal address: 690034, Primorsky Krai, Vladivostok, Fadeeva St., 47A, Office 403/1
2. Key Terms Used in the Policy
2.1. Automated processing of personal data: processing of personal data using computer technology.
2.2. Blocking of personal data: temporary cessation of personal data processing (except in cases where processing is necessary to clarify personal data).
2.3. Website: a collection of graphic and information materials, as well as computer software and databases ensuring their availability on the internet at https://grand-log.ru. 2.4. Personal data information system: a set of personal data contained in databases and the technologies and tools used to process them.
2.5. Anonymization of personal data: actions that make it impossible to identify a specific User or other data subject without the use of additional information.
2.6. Processing of personal data: any operation or set of operations performed with or without the use of automation tools on personal data, including collection, recording, systematization, accumulation, storage, updating, retrieval, use, transfer (distribution, provision, access), anonymization, blocking, deletion, and destruction of personal data. 2.7. Operator: a state or municipal authority, legal or natural person who independently or jointly with others organizes and/or performs the processing of personal data, as well as determines the purposes of processing, the composition of the personal data to be processed, and the operations performed on the data.
2.8. Personal data: any information relating directly or indirectly to an identified or identifiable User of the website https://grand-log.ru.
2.9. Personal data permitted for dissemination by the data subject: personal data made publicly available by the data subject through consent in accordance with the Personal Data Law.
2.10. User: any visitor to the website https://grand-log.ru.
2.11. Provision of personal data: actions aimed at disclosing personal data to a specific person or group.
2.12. Dissemination of personal data: actions aimed at disclosing personal data to an indefinite group, including publication in media, placement in information networks, or otherwise granting access.
2.13. Cross-border transfer of personal data: transfer of personal data to a foreign state authority, foreign individual, or foreign legal entity.
2.14. Destruction of personal data: actions resulting in the irreversible elimination of personal data with the impossibility of restoration.
2. Rights and Obligations of the Operator
3.1. The Operator has the right to:
· request accurate information and/or documents from the data subject;
· continue processing personal data without consent in cases provided by the Personal Data Law;
· determine the list and scope of measures necessary to fulfill its obligations under the Personal Data Law.
3.2. The Operator is obliged to:
· provide data subjects with information about the processing of their data;
· organize data processing in accordance with the applicable laws;
· respond to inquiries from data subjects and their representatives;
· notify the authorized body for personal data protection upon request;
· publish or provide unrestricted access to this Policy;
· implement legal, organizational, and technical measures to protect personal data;
· stop processing and destroy personal data in cases prescribed by law;
· perform other duties as defined by the Personal Data Law.
4. Rights and Obligations of Personal Data Subjects:
4.1. Data subjects have the right to:
· obtain information about the processing of their data (except where otherwise provided by law);
· demand the rectification, blocking, or destruction of their data if it is incomplete, outdated, inaccurate, illegally obtained, or not necessary for processing purposes;
· request prior consent for processing data for marketing purposes;
· withdraw consent or request termination of processing;
· lodge complaints with the data protection authority or courts;
· exercise other rights provided by Russian law.
4.2. Data subjects are obliged to:
· provide accurate information;
· inform the Operator about updates to their personal data.
4.3. Persons providing false data or information about others without consent are liable under Russian law.
4.4. Response time to inquiries: The Operator acknowledges receipt of a request within 10 calendar days and provides a full response no later than 30 calendar days.
5. Principles of Personal Data Processing
5.1. Lawfulness and fairness.
5.2. Data processing is limited to achieving lawful, specific goals.
5.3. Incompatibility of purposes prohibits combining databases.
5.4. Only data relevant to processing purposes may be processed.
5.5. The scope of data must correspond to processing goals and must not be excessive. 5.6. Accuracy and relevance must be ensured; incomplete or inaccurate data must be deleted or updated.
5.7. Data storage duration must not exceed the time necessary to fulfill the processing goals, unless otherwise required by law or contract. Data is destroyed or anonymized once no longer needed.
6. Purposes of Data Processing
6.1. Purposes include:
· sending information via email;
· conclusion and execution of contracts for sale and services;
· organizing deliveries;
· providing technical support;
· maintaining statistics and analytics;
· handling incoming requests and communication via phone, email, or messenger;
· sending marketing messages with the User's consent.
6.2. Personal data includes:
· full name;
· email address;
· phone numbers;
· delivery address and payment details necessary for contract fulfillment.
6.3. Legal grounds: Federal Law No. 152-FZ, Federal Law No. 149-FZ, Federal Law No. 38-FZ, and other regulations.
6.4. Data processing includes collection, recording, systematization, accumulation, storage, destruction, and anonymization.
7. Conditions for Data Processing
7.1–7.7. Personal data is processed with the subject's consent, for legal obligations, judicial acts, contract execution, public interest, or dissemination allowed by the data subject.
7.8. Consent is granted by actions such as:
· registration on the website;
· social media authorization;
· feedback form submission;
· newsletter subscription;
· review submission;
· contract conclusion.
7.9. Messengers (WhatsApp, Telegram) are communication tools only, not used for data processing.
7.10. External storage links (e.g., Google Drive) do not process personal data via the website; responsibility lies with the platform owners.
7.11. Notification to Roskomnadzor of data breaches: Initial notification within 24 hours, extended report within 72 hours.
8. Data Handling Procedure
8.1. Security measures include legal, organizational, and technical controls.
8.2. Personal data is not shared with third parties unless required by law or contract.
8.3. Users may update their data via email with the subject "Update of personal data." 8.4. Data is processed for as long as necessary for stated purposes unless otherwise stipulated by law or contract. Users may revoke consent by emailing with the subject "Withdrawal of consent."
8.5. Data collected by third-party services is governed by their own policies; the Operator is not responsible for their actions.
8.6. Restrictions on dissemination do not apply when data is processed in public interest.
8.7. Confidentiality is maintained throughout data processing.
8.8. Data is stored no longer than necessary for processing purposes.
8.9. Processing ends upon purpose fulfillment, consent expiration or withdrawal, or unlawful processing.
8.10. Localization of data storage: Primary recording, storage, and updating of Russian citizens' data occurs on servers located within the Russian Federation. Cross-border transfer is allowed only after local storage and anonymization.
9. Operator's Data Processing Activities 9.1. The Operator collects, records, systematizes, accumulates, stores, updates, retrieves, uses, transfers, anonymizes, blocks, deletes, and destroys personal data. 9.2. Automated data processing may involve information exchange over networks. 9.3. Data destruction procedure: (a) destruction report; (b) deletion from systems; (c) physical destruction of paper copies; (d) report signed by two authorized employees.
10. Cross-Border Data Transfer
10.1. The Operator must notify the data protection authority before cross-border data transfer.
10.2. Before notification, the Operator must verify the recipient's ability to protect personal data.
11. Data Confidentiality
The Operator and others with access to personal data must not disclose or share it without the subject's consent unless required by law.
12. Final Provisions
12.1. Users may contact the Operator at Customs@grand-log.ru with any inquiries.
12.2. Changes to the Policy will be reflected in this document. The Policy is valid indefinitely until replaced.
12.3. The current version of the Policy is available online at https://grand-log.ru/privacy.
Let’s discuss your carriage
690034, Primorsky Krai, Vladivostok, Fadeev st, 47A, office 403/1
Messengers are indicated solely for communication. Personal data is not transferred through them.
© All rights reserved, 2025
INN 2536343405 | OGRN 1242500003954 | OKVED 52.29, 49.10, 49.20, 49.20.1, 49.20.9
