Privacy Policy
of LLC “Yellow Program Studio”

1. General Provisions

This policy defines the goals, tasks, order, conditions of processing personal data by LLC "Yellow Program Studio" (hereinafter referred to as the Company), as well as measures taken to ensure security when handling such data. The policy is based on Russian legislation concerning personal data protection, including Federal Law No. 152-FZ dated July 27, 2006 ("On Personal Data"). This document serves as a foundation for developing internal regulations regarding the safety of personal data within the company. It applies indefinitely until replaced or terminated upon liquidation of the operator.

2. Terms and Definitions

Processing of personal data: Any action performed with personal data using automated tools or manually, including collection, recording, systematization, accumulation, storage, clarification (updating, modification), extraction, use, transfer (dissemination, provision, access), depersonalization, blocking, deletion, destruction.

*Personal data:* Information directly or indirectly related to an identifiable individual (data subject).

*Data Subject:* A physical person identified through their personal data.

*Cookies:* Small files used to enhance website functionality during interaction between users and the site.

The terms used in this policy are defined according to Federal Law No. 152-FZ dated July 27, 2006 ("On Personal Data").

3. Rights of the Data Subject

Rights:
A data subject has the right to receive information about how their personal data is processed under Federal Law No. 152-FZ dated July 27, 2006 ("On Personal Data") or other applicable laws. Requests must be submitted in writing to the company's legal address or via email at e.ivanin@yellowpro.studio.

Obligations of the Company:
To comply with Federal Law No. 152-FZ dated July 27, 2006 ("On Personal Data"), the company undertakes:

- To implement legal, organizational, and technical measures to protect personal data from unauthorized or accidental access.
- Not to disclose personal data without written consent unless required by law.
- Publish this privacy policy on its official website or provide it otherwise.

4. Purposes and Legal Grounds for Processing Personal Data

Purposes:
The company processes personal data for various purposes, including but not limited to:

- Human resources management and accounting.
- Compliance with labor, tax, pension, and enforcement laws.
- Preparation, execution, and performance of civil contracts.
- Recruitment of personnel for vacant positions.
- Organizing internships and practical training programs.
- Marketing activities.
- Statistical analysis.
- Maintenance of the corporate website.
- Voluntary medical insurance.

Legal Basis:
Legal grounds include federal laws, internal regulations, employment agreements, explicit consent provided by the data subjects, and this privacy policy itself.

5. Categories of Personal Data and Data Subjects

Categories of Data Subjects:
The company may process personal data belonging to:

- Employees currently working for the company.
- Former employees who previously worked for the company.
- Job applicants seeking vacancies.
- Interns/students participating in internship programs.
- Personnel of partner companies whose data was transferred by these partners.
- Individuals voluntarily providing their data through the company's website.
- Other individuals giving consent or where processing is legally mandated.

Types of Personal Data Collected:
These categories include surname, first name, patronymic, date of birth, marital status, social standing, income level, gender, contact details, passport data, driver's license number, foreign identity documents, bank account numbers, professional qualifications, work experience records, military service obligations, education history, health condition, criminal record, photographs, etc.

6. Procedure and Conditions for Handling Personal Data

Consent Requirements:
Processing requires voluntary consent except where permitted by law. If a third party transfers personal data to the company, they must inform the data subject about this procedure and obtain necessary consents before transferring them.

Accessibility of Information:
Before commencing any processing activity, the company provides specific information regarding its policies and practices upon request, unless prohibited by law.

Methods of Providing Consent:
Consent can be given through actions like accepting contractual terms, marking checkboxes, filling out forms, or similar methods.

Third Party Processors:
If another entity handles personal data, this will occur only with the consent of the data subject and under a separate agreement specifying responsibilities and safeguards.

Automated vs Manual Processing:
Personal data may be handled either automatically, manually, or in combination depending on operational needs.

Termination of Processing:
Processing ceases once objectives are achieved, consent is withdrawn, or the company is dissolved. Confidentiality remains intact throughout all stages of processing.

7. Security Measures

Security measures involve appointing responsible officers, issuing local regulatory acts, publishing policies online, educating staff members, implementing protective technologies, monitoring compliance with legal requirements, maintaining secure storage facilities, controlling access rights, destroying unused materials properly, and regularly reviewing existing protocols. Specific measures depend on the nature of each situation and applicable regulations.

8. Storage of Personal Data

Stored data includes both paper-based and electronic formats. Paper copies are kept locked away while digital databases remain accessible exclusively to authorized personnel. Electronic data resides solely within Russia’s borders, avoiding cross-border transmission.

9. Updating, Blocking, Clarifying, Destroying Personal Data

Regular updates maintain accuracy, sufficiency, and relevance of stored data relative to intended uses. Incorrect entries are blocked temporarily pending verification efforts. Upon achieving initial goals or withdrawal of consent, further usage terminates followed by appropriate disposal procedures ensuring complete erasure.

Additional Notes Regarding Cookies and Analytics Tools Used by Our Website:
Our websites utilize cookies and analytics services (such as Yandex.Metrica) to improve user experiences. These technologies collect anonymous statistics regarding browsing habits which help us understand visitor preferences better. Users retain control over enabling/disabling cookies through browser settings.

By accessing our sites, you agree to accept these conditions outlined above.
Made on
Tilda