Privacy Policy for the Processing of Personal Data
1. General Provisions
This personal data processing policy is prepared in accordance with the Federal Law of 27.07.2006 No. 152-FZ "On Personal Data" (hereinafter referred to as the Personal Data Law) and defines the procedure for processing personal data and measures to ensure the security of personal data taken by Sole Proprietor Olga Georgievna Matveeva (hereinafter referred to as the Operator).
1.1. The Operator considers compliance with the rights and freedoms of individuals and citizens in the processing of their personal data, including the protection of the right to privacy, personal and family secrets, as a primary goal and condition for carrying out its activities.
1.2. This Policy applies to all information that the Operator may obtain about visitors of the website noble-gift.com.
2. Basic Terms Used in the Policy
2.1. Automated processing of personal data – processing of personal data using computing technology.
2.2. Blocking of personal data – temporary suspension of the processing of personal data (except when processing is necessary to clarify personal data).
2.3. Website – a set of graphic and informational materials, as well as software and databases that ensure their availability on the Internet at noble-gift.com.
2.4. Personal data information system – a set of personal data contained in databases and the information technologies and technical means that ensure their processing.
2.5. Depersonalization of personal data – actions that make it impossible to determine the ownership of personal data by a specific User or other data subject without using additional information.
2.6. Processing of personal data – any action (operation) or set of actions (operations) performed with or without the use of automation tools with personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, modification), retrieval, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction.
2.7. Operator – a state body, municipal body, legal or natural person who independently or jointly with others organizes and/or performs personal data processing, as well as determines the purposes of personal data processing, the composition of personal data to be processed, and actions (operations) performed with personal data.
2.8. Personal data – any information directly or indirectly related to a specific or identifiable User of the website noble-gift.com.
2.9. Personal data made publicly available by the data subject – personal data to which an unlimited number of persons have been granted access by the data subject by giving consent in accordance with the Personal Data Law.
2.10. User – any visitor to the website noble-gift.com.
2.11. Provision of personal data – actions aimed at disclosing personal data to a certain person or group of persons.
2.12. Distribution of personal data – any actions aimed at disclosing personal data to an indefinite group of persons (transferring personal data) or at making personal data available to an unlimited group of persons.
2.13. Cross-border transfer of personal data – transfer of personal data to the territory of a foreign country to a foreign government authority, foreign individual, or foreign legal entity.
2.14. Destruction of personal data – actions resulting in the irreversible destruction of personal data without the possibility of further recovery.
3. Main Rights and Obligations of the Operator
3.1. The Operator has the right to:

• Receive accurate information and/or documents containing personal data from the data subject;
• Continue processing personal data without the data subject's consent in cases provided for by the Personal Data Law;
• Independently determine the scope and list of measures necessary to comply with legal requirements unless otherwise specified.

3.2. The Operator is obliged to:

• Provide the data subject with information regarding their personal data processing;
• Organize the processing of personal data in accordance with Russian law;
• Respond to requests from data subjects and their legal representatives;
• Report required information to the authorized body upon request;
• Publish or otherwise provide unrestricted access to this Policy;
• Take legal, organizational, and technical measures to protect personal data;
• Cease the transfer, processing, and destruction of personal data as required by law;
• Comply with other obligations established by law.

4. Rights and Obligations of Personal Data Subjects
4.1. Personal data subjects have the right to:

• Receive information regarding the processing of their personal data;
• Require the Operator to clarify, block, or destroy their personal data if it is incomplete, outdated, inaccurate, unlawfully obtained, or no longer necessary;
• Set conditions for prior consent when processing personal data for marketing;
• Withdraw consent for personal data processing;
• File complaints with the authorized body or in court against unlawful actions;
• Exercise other rights established by Russian law.

4.2. Personal data subjects must:

• Provide accurate data about themselves;
• Inform the Operator of updates or changes to their personal data.

4.3. Persons who provide false data or data about another person without consent bear legal responsibility.
5. Principles of Personal Data Processing

• Lawful and fair basis;
• Purpose limitation;
• Data minimization and relevance;
• Accuracy and up-to-date status;
• Storage limitation;
• Security and confidentiality.

6. Purpose of Processing

• Order clarification
• Personal Data Collected: Full name, email, phone number(s)
• Legal Basis: Federal Law No. 149-FZ "On Information, Information Technologies and Information Protection"
• Types of Processing: Collection, recording, systematization, accumulation, storage, destruction, and depersonalization

7. Conditions for Processing

• Based on consent or legal necessity;
• To fulfill legal or contractual obligations;
• To pursue legitimate interests not infringing on personal rights.

8. Collection, Storage, and Security

• Data security is ensured through legal, technical, and organizational measures;
• Personal data will not be shared with third parties without consent or legal basis;
• Users can update their data by contacting bk.podarok@yandex.ru;
• Consent may be withdrawn at any time via the same email;
• Third-party services process data according to their own privacy policies;
• Public interest processing may override restrictions on dissemination;
• Data is stored no longer than necessary for the purposes of processing.

9. List of Processing Actions

• Collection, recording, systematization, accumulation, storage, updating, use, transfer, depersonalization, blocking, deletion, destruction;
• Automated processing including communication over networks.

10. Cross-Border Transfer

• Prior notification to the authorized data protection body is required;
• Information must be obtained from foreign recipients before transfer.

11. Confidentiality

• All persons accessing personal data must not disclose or share it without legal grounds.

12. Final Provisions

• Users may contact the Operator at bk.podarok@yandex.ru for inquiries;
• The Policy is valid indefinitely until replaced;
• The current version is available at noble-gift.com/policy