Privacy Notice
This privacy policy («Policy») is applied by Positive Technologies Joint-Stock Company («Company» or «we») located at building 8, office 60, Preobrazhenskaya Square, Moscow, Preobrazhenskoye municipal district, 107061, Russia.
As experts in the protection of devices, infrastructure, and data, we understand the importance of a proper approach to data privacy and security and adhere to the principle of comprehensive and complete protection of our users' personal data.
1. Policy scope
1.1. The Policy applies to an information resource—the website available for use at https://phdays.com/en/ («Website»). The Policy does not apply to other products and websites of the Company unless the documentation of the respective product or website contains a reference to this Policy.
1.2. Your use of the Website shall mean unconditional acceptance of this Policy and personal data processing conditions stated herein. If you disagree with this Policy, you must immediately stop using the Website.
1.3. In this Policy we openly explain all methods and terms of personal data processing when using the Website. You can review the Company's general privacy policy here.
1.4. The Policy was developed by the Company in compliance with Federal Law No. 152-FZ On Personal Data, dated July 27, 2006 («Law»).
2. What is personal data?
2.1. Personal data is any information that refers directly or indirectly to an identified or identifiable individual. The concept of personal data is contextual. This means that depending on the situation, the same data may or may not be considered personal.
2.2. Some examples of personal data are: first name, last name, patronymic name, email address, phone number.
2.3. Personal data may also include technical information if it can be attributed to you: IP address, type of operating system, type of device (computer, cell phone, tablet), browser type, geolocation, web form entries, online service provider, and bank details.
3. Purposes of personal data processing by the Company
We process your personal data collected via the Website for the following purposes:
3.1 To ensure your access to the Website and enable you to use its features.
Last name, first name, patronymic, type of activity, industry, place of work or study, job position, profession, phone number, email address, unique link generated by us for your access to the Website, data on technical means (devices),* information automatically received from the Website, including through the use of cookies,** information obtained as a result of your actions, including information about your comments or questions.
During the term of the User Agreement between you and the Company
3.2 For sending promotional, informational, and other materials to you.
Last name, first name, patronymic, phone number, email address, identifiers in messaging apps and social networks.
During the term of your consent to promotional mailings
3.3 For collecting statistical and analytical information about your use of the Website.
IP address, type of operating system, type of device (PC, cell phone, tablet), browser type, geolocation, the fact of filling out a web form, Internet service provider, date and time of your access to the Website, information about your activity while using the Website (HTTP headers, web beacons, pixel tags, URL data, clicks through the Website and from the Website (including date and time), Website pages you viewed or searched, page response time, loading errors, duration of visits to specific pages, information about interactions with pages (such as scrolling, mouse clicks), methods used to view the page.
During the term of the User Agreement between you and the Company.
3.4 To protect the Website, as well as the rights and lawful interests of the Company***
Last name, first name, phone number, identifiers in messaging apps and social networks, email address.
During the periods established by the laws of the Russian Federation, necessary to protect the Website, as well as the rights and lawful interests of the Company.
* Data about technical devices include the IP address, type of operating system, type of device (PC, cell phone, tablet), browser type, geolocation, the fact of filling out a web form, and internet provider.
** Cookies are text fragments automatically saved in the memory of your internet browser using our Website. This allows the Website to access data saved on your computer and retrieve it when necessary. We use cookies to remember your preferences on the Website. Most Internet browsers save cookies automatically, but you can always change your browser settings and stop saving cookies. You can read more about our use of cookies in Section 9 of our Policy.
*** This includes ensuring the operability and security of the Website, confirming the actions you take, preventing fraud, cyberattacks, and other misuse, and investigating such incidents.
4. How we process your data
4.1. Principles. Minimizing data volume is the core principle we strictly adhere to when processing personal data: we do not collect, store, or otherwise process it unless it is absolutely necessary. We also follow the principles of personal data processing established by current Russian legislation, including the following:
- Legality and fairness of personal data processing
- Processing of personal data strictly for specific, predetermined, and legitimate purposes
- Preventing the merging of databases containing personal data types that are processed for incompatible purposes
- Accuracy, sufficiency, relevance, and reliability of personal data (as far as it depends on us*)
*The Company does not check the validity of personal data or the legal capacity of the person providing such data. By submitting personal data to us, you warrant that it is accurate, current, and does not violate the laws of the Russian Federation.
4.2. Methods. We may process personal data with or without automated data processing tools. The processing may include collection, recording, systematization, accumulation, storage, clarification (updating, modification), electronic copying, extraction, obtaining, use, transmission (provision, access, dissemination), depersonalization, blocking, deletion, or destruction of personal data.
4.3. Collection. When collecting personal data of Russian citizens, we ensure the recording, systematization, accumulation, storage, and clarification (updating, modification) of data using databases located within the territory of the Russian Federation, unless otherwise provided by law.
The collection of personal data can be carried out in the following ways:
- Personal data being provided by you when you fill out forms on the Website
- Automated data collection using technologies and services, such as web protocols, cookies, and web markers that are used only when you enter your data
- Personal data being provided by you in writing, including by means of communication
4.4. Storage. We store personal data exclusively on properly secured media, including electronic ones. The Company has the right to combine personal data into an information system and process it with other software tools. The Company works with information systems of personal data according to a commonly used algorithm (such as collection, systematization, accumulation, storage, clarification, use, blocking, and destruction).
Among other things, we may verify your data with you (via postal mail, email, phone (including mobile), internet, and messaging apps), and periodically contact you via phone (including mobile), email, internet, or messaging apps.
4.5. The company may engage third parties to process your personal data by instructing them to process it and/or by transmitting your personal data to third parties without instructing them to process it. Engaging third parties can only be done to achieve the purposes we have specified for the processing of personal data, and provided that these parties ensure the confidentiality and security of personal data during the processing.
Such third parties may include, in particular, the Company’s partners, including its affiliates, consultants, contractors (including organizations that own servers, persons who make calls, send SMS or any other types of mailings and notifications, persons who conduct surveys and research), contractors and agents (in particular, Mindbox LLC, INN 7713688880, Impulse Code LLC, INN 9725080659, Modal LLC, INN 7707447090). The actual list of third parties engaged by the Company for processing personal data is determined based on the relationship between the Company and you.
4.6. Cross-border data transfer. For purposes stated in this Policy, we may transfer your personal data to countries other than where it was originally obtained. When conducting cross-border transfers, we protect your data in accordance with our Policy and the current laws of the Russian Federation.
4.7. Dissemination refers to the disclosure of data to an undefined group of individuals. For example, if you register for a public event organized by us, which you plan to attend offline (in person), we may publish photo and video recordings from this event (possibly including your participation) on our Website. If, in doing so, we also disseminate your personal data, we will definitely request your consent as required by law.
4.8. Destruction. By default, we destroy personal data once the purposes of their processing have been achieved or when the necessity for achieving these purposes is no longer present. Apart from that, we may erase personal data in the following cases:
- If there is a threat to the Website security.
- If you violate the Policy.
- When the personal data storage period has expired.
- At your request or if you withdraw your consent for personal data processing.
It is important to note that even if you request the deletion of your personal data or withdraw your consent for its processing, we may continue to store and otherwise process it if it is necessary to comply with the current laws of the Russian Federation or if we have other grounds for processing this personal data.
5. Your rights
The main rules for handling personal data, as well as your rights as a data subject are detailed in the Law, which you can find here. For your convenience, we provide a brief description of the main rights provided by the Law:
5.1 Right to know
You have the right to learn more details about the Company's processing of your personal data (Articles 18, 18.1 of the Law). We detail this in our Privacy Policy.
5.2 Right to access
You have the right to know what kind of your personal data we process (Article 14 of the Law).
5.3 Right to rectification and deletion
You can ask us to correct inaccurate, incomplete, or outdated data, as well as to delete it (Clause 3, Article 20 of the Law).
5.4 Right to withdraw consent
You can withdraw your consent to the processing of your personal data whenever you deem it necessary (Part 2, Article 9 of the Law).
For any questions related to personal data, you can contact us in the manner provided in Section 7 of the Policy.
6. Information on personal data protection
All personal data you provide shall be confidential by default. Protection of personal data processed by the Company is ensured by implementation of legal, organizational, and technical measures necessary and sufficient to ensure compliance with requirements of the legislation of the Russian Federation on personal data. However, we always strive to ensure maximum protection of your data and apply more measures to protect personal data than required by legislation. Below are some of them:
- We have appointed a person responsible for the processing of personal data. You can contact this person at the following email address: privacy@ptsecurity.com
- We restrict access to your personal data, granting it only to our employees or partners who need it to achieve the purposes for which we process your data.
- We conduct regular risk assessments related to the processing of personal data and take measures to eliminate or minimize these risks.
- We conduct internal investigations to uncover facts related to unauthorized access to personal data if it is suspected to have occurred.
- We regularly monitor the Company’s network infrastructure and assess its security.
- We educate the Company employees on provisions of the Russian Federation legislation on personal data, including personal data protection requirements, local regulations of the Company on personal data protection, and train the employees regularly.
- We arrange secure premises that store media with personal data to prevent unauthorized access or the presence of individuals who have no right to access such premises.
7. Inquiries of the subject of personal data
7.1. You may send inquiries to the Company, including inquiries regarding the use of your personal data:
- Please send your paper-based inquiries to the following address: 8 Preobrazhenskaya Square, office 60, Preobrazhenskoe District, Moscow, Russian Federation, 107061.
- Please email your inquiries to privacy@ptsecurity.com
7.2. Your inquiry must contain the following information:
- Your national ID number
- Date of ID issue, issuing authority
- Information confirming your relationship with the Company
- Your signature
7.3. The company commits to reviewing the received inquiry and sending a response to the specified address within 10 (ten) business days, provided that the inquiry pertains to the processing of your personal data by the Company. If, for any reason, we need a bit more time to respond, we will send you a message explaining the cause of the delay.
8. Notification of terms and conditions for processing technical data, metric services
8.1. The Website may use captcha services. They help us verify requests and block bots on our Website, as well as make our Website more user-friendly.
8.2. In order for the captcha services to work, we may instruct their owners to collect and process technical data about your device, its activity, and digital fingerprint (token, browser features, referrer, time zone, and more). This data is only collected when you use our Website on which the captcha widget is installed. The captcha services use only technical data and only for the purpose of operating the captcha service on our Website, as well as for the legitimate interest of the captcha service owner to improve the service. The technical data collected by the captcha services does not allow anyone to identify you personally.
8.3. We select captcha services carefully, and they must comply with all the requirements of the Russian laws on the collection, storage, and other processing of user data.
8.4. If you have any questions or concerns about the captcha services used on our Website, please contact us using the contact information provided on the Website. A list of the captcha services and links to their detailed descriptions may be published on our Website and/or provided to you upon request.
8.5. Additionally, Yandex.Metrica may be used for the collection and statistical analysis of data related to the use of the Website. The data collected by Yandex.Metrica can be received and processed by the provider of this service (Yandex LLC). You can familiarize yourself with the list of data collected using Yandex.Metrica here.
9. Cookie processing
9.1 Essential
These cookie files are essential for the functioning of our websites and cannot be disabled. Typically, they are activated only in response to actions you take, such as setting your privacy preferences, logging in, or filling out forms. You can set your browser to block these cookies or alert you about their usage, but some parts of our websites may not work or may not work correctly as a result.
9.2 Operational
These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our websites. Thanks to them, we know which pages are the most or least popular and see how visitors move around the websites.
9.3 Targeting
These cookies are set via our websites by our advertising partners. They may be used by these companies to build a profile of your interests and show you relevant ads on other websites. If you do not allow these cookies, you will not experience our targeted advertising across different websites.
9.4 Functional
These cookies enable enhanced functionality and personalization, such as for online chats and videos. They can be set by us or by third-party providers whose services are featured on our pages. If you do not allow these cookies, some or all of these features may not function properly.
To opt out of using these cookies, you can use your browser settings to disable cookies. Detailed instructions on how to disable cookies are available via the following external links:
10. Limited Policy scope and Policy amendments
10.1. You must be reasonable and responsible when placing your personal data where it can be publicly available.
10.2. The Company shall not be responsible for any actions of third parties who gain access to your personal data as a result of your actions.
10.3. The Company has the right to update this Policy as necessary. The policy is subject to mandatory review in case of significant changes in the personal data legislation. The current version of this Policy can be found at: https://phdays.com/en/policies/policy-and-agreements/.
11. Contact information and details of the Company:
Full company name: Joint-Stock Company Positive Technologies
Address: 8 Preobrazhenskaya Square, office 60, Preobrazhenskoe District, Moscow, Russian Federation, 107061
Postal address: 8 Preobrazhenskaya Square, Moscow, Russian Federation, 107061
OGRN (main state registration number): 1077761087117
INN (tax ID): 7718668887 ** KPP (tax registration event code):** 771801001 ** Chief Executive Officer:** Mr. Denis Sergeyevich Baranov
Contact details: Phone: +7495744 01 44. Fax: +7 495 744 01 87
Email: info@ptsecurity.com