Track orders
Delivery City
Stavropol
Contact us
+370 69198938

Privacy Policy and Cookie Policy

Policy on the Processing of Personal Data of LLC "Russian Bouquet"

  1. Terms and Definitions

In this Policy on the Processing of Personal Data, the following terms are used in the following meanings: 

Policy - the present document, located on the Internet at https://rus-buket.ru/privacy

Personal Data - any information relating directly or indirectly to a specific individual (subject of personal data). 

Processing of Personal Data - any action (operation) or set of actions (operations), performed using automation tools or without using such tools with Personal Data, including collection, recording, systematization, accumulation, storage, clarification (updating, changing), extraction, use, transfer (distribution, provision, access), anonymization, blocking, deletion, destruction of Personal Data. 

Provision of Personal Data - actions aimed at disclosing Personal Data to a certain person or a certain group of persons. Blocking of Personal Data - temporary cessation of Processing of Personal Data (except in cases where Processing is necessary for clarifying Personal Data). 

Destruction of Personal Data - actions as a result of which it becomes impossible to restore the content of Personal Data in the personal data information system and (or) as a result of which material carriers of Personal Data are destroyed. 

Anonymization of Personal Data - actions as a result of which it becomes impossible, without the use of additional information, to determine the belonging of Personal Data to a specific subject of Personal Data. 

Cross-border transfer of Personal Data - transfer of Personal Data to the territory of a foreign state to the authority of a foreign state, a foreign individual or a foreign legal entity. Customer - a legally and operationally capable individual, purchasing a Product exclusively for personal, family, home and other needs, not related to the conduct of entrepreneurial activity. 

Recipient - a third party, indicated by the Customer as the recipient of the Product, if the recipient of the Product is not the User. 

Order - the execution of actions by the Customer, aimed at concluding a public offer contract, by placing an order on the website or in the mobile application. 

Product - the object of purchase-sale (thing), not withdrawn from civil circulation and not limited in it, which is the subject of a public offer contract. 

Executor - a legal entity, indicated in the public offer contract as the Executor for the order placed on the websitehttps://rus-buket.ru/oferta (hereinafter referred to as the website) or in the mobile application Russian Bouquet (hereinafter referred to as the mobile application).

  1. General Objectives of the Policy

2.1. The Policy on the Processing of Personal Data of LLC "Russian Bouquet" (hereinafter referred to as the Policy) is the fundamental document that determines the general principles, objectives, legal basis for the processing of personal data, main rights and obligations of LLC "Russian Bouquet" (hereinafter referred to as the Company) and subjects of personal data, scope and categories of processed personal data, categories of subjects of personal data, order and conditions of processing personal data in LLC "Russian Bouquet", as well as measures to ensure the security of personal data during their processing. 

2.2. The Policy has been developed in accordance with Federal Law dated 27.07.2006 No. 152-FZ "On Personal Data" and other federal laws and bylaws of the Russian Federation, defining cases and peculiarities of personal data processing and ensuring security and confidentiality of such information.

2.3. The Policy has been developed to implement the requirements of the legislation on the processing and security of personal data and is aimed at protecting the rights and freedoms of the individual and citizen when processing his personal data in the Company. The provisions of the Policy serve as the basis for organizing work on personal data processing in the Company, including for the development of internal regulatory documents regulating the process of personal data processing in the Company. The Policy is obligatory for compliance by all employees directly processing personal data or having access to them. 

The requirements of the Policy are taken into account in relations with third parties when necessary for their participation in the process of personal data processing by the Company, as well as in cases of personal data transfer in the prescribed manner based on transactions. Unrestricted access to the Policy is provided by the Company by publishing it on the Company's websites and mobile applications. 

2.4. The Policy regulates the processing of personal data of the following individuals (hereinafter referred to as Subjects of Personal Data): 

  • Customers and Recipients of the Product; 
  • representatives of the Company's counterparties; 
  • candidates for filling vacant positions in the Company; 
  • employees and former employees of the Company; 
  • participants in loyalty bonus programs.
  1. Principles of Personal Data Processing

3.1. The Company carries out the processing of personal data based on the following principles: 

  • legality and fair basis; 
  • limitation of personal data processing by achieving specific, predefined, and legitimate purposes, compatibility of personal data processing with the purposes of collection; 
  • inadmissibility of combining databases containing personal data, the processing of which is carried out for incompatible purposes; 
  • ensuring the content and volume of processed personal data correspond to the stated purposes of processing. Processed personal data should not be excessive in relation to the stated purposes of their processing; 
  • prevention of processing personal data that are excessive in relation to the stated purposes of personal data processing; 
  • ensuring the accuracy, sufficiency, and relevance of personal data in relation to the stated purposes of processing;
  • destruction or depersonalization of personal data upon achievement of the purposes of their processing or in case of loss of the need to achieve these purposes, unless otherwise provided by federal laws; 
  • storage of personal data in a form that allows identifying the subject of personal data, no longer than required by the purposes of their processing, if the period for storing personal data is not established by federal law, a contract, the party to which, the beneficiary or the guarantor of which is the subject of personal data; 
  • ensuring confidentiality and security of processed personal data.

3.2. The Company does not verify the personal information provided by the Subjects and cannot judge its reliability, as well as whether the subject has sufficient legal capacity to provide Personal Information. However, the Company assumes that the Subject has provided reliable and sufficient Personal Information.

  1. Fundamental Rights and Obligations of the Company and the Personal Data Subject

In the process of personal data handling, the Company and the Personal Data Subject exercise the following rights and obligations. 

4.1. The Company is entitled to: 

4.1.1. process the Personal Data Subject's data in accordance with the stated purpose; 4.1.2. require from the Personal Data Subject the provision of accurate personal data, necessary for the execution of a contract, the identification of the Personal Data Subject, as well as in other cases stipulated by the legislation of the Russian Federation on personal data; 

4.1.3. process publicly available personal data; 

4.1.4. entrust the processing of personal data to another party with the consent of the Personal Data Subject; 

4.1.5. provide personal data to third parties, if this is provided for by the legislation of the Russian Federation (tax authorities, law enforcement agencies, etc.); 

4.1.6. defend its interests in court; 

4.1.7. exercise other rights provided for by the legislation of the Russian Federation.

4.2. The Personal Data Subject is entitled to: 

4.2.1. receive from the Company information related to the processing of his/her personal data, including: 

  • confirmation of the fact that the Company is processing personal data; 
  • legal grounds and purposes for processing personal data; 
  • the Company's methods and objectives for processing personal data; 
  • the name and location of the Company, information about individuals (excluding Company employees) who have access to personal data or to whom personal data may be disclosed under a contract with the Company or under federal law; 
  • personal data being processed related to the relevant Personal Data Subject, the source of their receipt, unless a different order of presentation of such data is provided by federal law; • terms of personal data processing, including their storage period;
  • the procedure for exercising by the Personal Data Subject of rights provided by the Federal Law of 27.07.2006 No. 152-FZ "On Personal Data"; 
  • information about cross-border data transfer; 
  • the name, surname, first name, middle name, and address of the person processing personal data on behalf of the Company, if processing is entrusted or will be entrusted to the specified person; 
  • other information provided by Federal Law of 27.07.2006 No. 152-FZ "On Personal Data" or other federal laws. 

4.2.2. provide the Company with accurate personal data; 4.2.3. inform the Company about changes to their personal data within no more than 5 working days from the date of their change;

 4.2.4. require from the Company to update, change their personal data, destroy personal data, in cases where personal data are incomplete, outdated, inaccurate, illegally used, or not necessary for the stated processing purpose; 

4.2.5. take measures provided by law to protect their rights; 

4.2.6. withdraw their consent to the processing of personal data. 

4.3. The Company is obliged to: 

4.3.1. provide the Subject, upon his/her request, with the information stipulated in clause 4.2.1. 

4.3.2. when collecting personal data, ensure the recording, systematization, accumulation, storage, refinement (update, change), extraction of personal data of Subjects - citizens of the Russian Federation using databases located on the territory of the Russian Federation; 4.3.3. fulfill other obligations provided by the legislation of the Russian Federation.

  1. Purposes of processing, scope, and categories of processed personal data

5.1. Personal data is processed by the Company for the following purposes: 

  • ensuring compliance with the Constitution of the Russian Federation, legislative and other regulatory legal acts of the Russian Federation, local regulatory acts, and other internal documents of the Company; 
  • execution of rights and obligations imposed by the legislation of the Russian Federation on the Company, including the provision of personal data to the Pension Fund of the Russian Federation, the Social Insurance Fund of the Russian Federation, the Federal Compulsory Medical Insurance Fund, FGIS, and other authorities; 
  • registration of visitors on the website and mobile application, providing access to certain sections, providing information about the Company and its group of entities, about the services and events of the Company, communication with website visitors, organization of visitors' participation in events, holidays, and surveys, sending news materials to visitors, execution of powers and duties imposed on the Company by the legislation of the Russian Federation; 
  • use of the internet site and mobile application rus-buket.ru by the Customer; 
  • informing the Customer about the execution of the Order; 
  • transfer of the Customer's/Recipient's Personal Data to the Executor for the purpose of executing the contract offer concluded with the Customer; 
  • transfer of the Customer's/Recipient's Personal Data to third parties, for the purpose of delivering the Product to the Customer/Recipient; 
  • conclusion and execution of contracts with the Executor under the public offer contract; 
  • settlement of the Customer's claims; 
  • sending advertising materials to the Customer; 
  • conducting audits and other internal investigations to improve the quality of the services provided by the Executor; 
  • transfer of the Customer's Personal Data to credit organizations involved in conducting operations carried out by the Customer using payment cards when paying for Goods on the website or in the mobile application and/or when refunding money to the Customer.
  • organizing user participation in loyalty bonus programs; 
  • implementation of labor relations with Company employees, including personnel accounting, salary calculation, accrual and payment, assistance in employment, implementation of training activities, development and evaluation of personnel, evaluation of employee efficiency and work results, their promotion, organization of receipt, support and service of the use of electronic signatures, control of the quantity and quality of work performed, conducting internal official investigations and checks, organization by the Company of document storage and destruction, including after the termination of labor relations; 
  • selection of potential employees, conclusion of employment contracts and arrangement of employment relations; 
  • conducting accounting and tax accounting, payment of taxes; 
  • execution of requests from authorized state and municipal bodies and Subjects of personal data; 
  • for other purposes provided by the regulatory legal acts of the Russian Federation.

5.2. Composition of processed Personal Data. At its discretion, the Company may process the following personal data as necessary.

5.2.1 Personal data of the Customer: 

  • surname, first name, patronymic; 
  • gender; 
  • citizenship; 
  • date and place of birth; 
  • delivery address, which may be the place of residence or work; 
  • identity document data (name, series, number, name of the issuing authority, date of issue of the document); 
  • contact phone numbers; 
  • e-mail, username on the Internet, data about the account created on the website or mobile application; 
  • payment details; 
  • metadata, cookie data, cookie identifiers, IP addresses, browser and operating system information, information about the model of the mobile device, as well as software versions.

5.2.2 Personal data of the Product Recipients: 

  • surname, first name, patronymic; 
  • gender; 
  • delivery address, which may be the place of residence or work; 
  • identity document data (name, series, number, name of the issuing authority, date of issue of the document); 
  • contact phone numbers.

5.2.3 Personal data of representatives of the Company's counterparties: 

  • surname, first name, patronymic; 
  • mobile phone number; 
  • e-mail; 
  • employer's name; 
  • employer's address; 
  • position; 
  • other personal data provided by counterparties.

5.2.4 Personal data of candidates for the Company's positions: 

  • surname, first name, patronymic; 
  • date of birth; 
  • position; 
  • place of residence; 
  • mobile phone number; 
  • e-mail; 
  • information about education, work experience, qualifications; 
  • other personal data provided by candidates.

5.2.5. Personal data of the Company's employees and former employees: 

  • surname, first name, patronymic; 
  • gender; 
  • citizenship; 
  • date and place of birth; 
  • photograph; 
  • passport data; 
  • registration address at the place of residence; 
  • actual residence address; 
  • contact information; 
  • individual tax number; 
  • insurance individual account number (SNILS); 
  • information about education, qualifications, professional training, and advanced training; 
  • marital status, presence of children, kinship; 
  • information about work activities, including the presence of rewards, honors, and disciplinary penalties; 
  • data on marriage registration; 
  • military registration information; 
  • disability information; 
  • information about alimony withholding; 
  • information about income from the previous workplace; 
  • other personal data provided by employees in accordance with labor law requirements.

5.2.6. Personal data of loyalty bonus program participants: 

  • surname, first name, patronymic; 
  • gender; 
  • citizenship; 
  • date and place of birth; 
  • delivery address, which may be the place of residence and/or work; 
  • identity document data (name, series, number, name of the issuing authority, date of issue of the document); 
  • contact phone numbers; 
  • e-mail addresses, username on the Internet, data about the account created on the website or mobile application; 
  • payment details; 
  • metadata, cookie data, cookie identifiers, IP addresses, browser and operating system information, mobile device model, as well as software versions.

5.3. Only depersonalized personal data is collected using cookies and cookie identifiers. In the future, those depersonalized data used in the services of "Yandex Metrika", in accordance with the privacy polititical Yandex placed on the website https://yandex.ru/legal/confidential/ and "Google Analytics", in compliance with Google Policy, posted on the Internet site https://support.google.com/analytics/answer/6004245?hl=ru.

  1. Legal basis for personal data processing

The legal grounds for processing personal data to achieve the goals specified in Section 5 of the Policy are: 

6.1. Federal laws and other regulatory legal acts governing relations related to the Company's activities, including:

  • Federal Law No. 152-FZ of July 27, 2006 "On Personal Data"; 
  • Labor Code of the Russian Federation; 
  • Civil Code of the Russian Federation; 
  • Tax Code of the Russian Federation; 
  • Federal Law No. 402-FZ of December 6, 2011 "On Accounting"; 
  • Federal Law No. 167-FZ of December 15, 2001 "On Mandatory Pension Insurance in the Russian Federation"; 
  • Federal Law No. 255-FZ of December 29, 2006 "On Mandatory Social Insurance for Temporary Disability and Maternity"; 
  • Federal Law No. 125-FZ of July 24, 1998 "On Mandatory Social Insurance Against Industrial Accidents and Occupational Diseases"; 
  • Federal Law No. 326-FZ of November 29, 2010 "On Mandatory Medical Insurance in the Russian Federation"; 
  • Federal Law No. 273-FZ of December 25, 2008 "On Combating Corruption"; 
  • Federal Law No. 14-FZ of February 8, 1998 "On Limited Liability Companies"; 
  • Federal Law No. 63-FZ of April 6, 2011 "On Electronic Signature"; 
  • RF Law N 2300-1 of February 7, 1992 "On Consumer Rights Protection"; 
  • Federal Law No. 115-FZ of July 25, 2002 "On the Legal Status of Foreign Citizens in the Russian Federation"; 
  • Federal Law No. 53-FZ of March 28, 1998 "On Military Duty and Military Service"; 
  • RF Government Resolution No. 719 of November 27, 2006 "On Approval of the Military Registration Regulation"; 
  • Other regulatory legal acts.

6.2. The Company's Charter.

6.3. Contracts, the party or the Customer or Recipient of which is the subject of personal data.

6.4. Public offer contract and other contracts concluded between the Company and a third party entrusting the Company with personal data processing.

6.5. The Company's internal regulations and documents.

6.6. Consent to personal data processing.

  1. Procedure and conditions for personal data processing

7.1. The Company processes Personal data with the consent of the Personal data subjects, expressed in any form that confirms the fact of receiving consent. Personal data processing may be carried out without the consent of the Personal Data Subjects only in the presence of conditions allowing such processing in accordance with Article 6 of the Federal Law of the Russian Federation No. 152-FZ of July 27, 2006 "On Personal Data".

7.2. When placing an Order on the website or in the mobile application, the Customer gives his consent to the processing of personal data. 

7.3. By clicking the "Place Order" button, the Customer confirms that he is familiar with this Policy and gives his consent for the transfer of personal data to third parties, who may perform the following actions:

  • directly fulfill orders and deliver created Orders to recipients
  • accept money for orders made on the website www.rus-buket.ru
  • carry out activities, processed in accordance with this Policy. 

 

7.4. When specifying in the Order the personal data of third parties, including Recipients of Orders, the Customer gives his consent to the processing of their personal data. 

7.5. The Company may transfer the personal data necessary to fulfill the Customer's Order to third parties directly accepting funds on the website www.rus-buket.ru . These persons conclude a public offer agreement with the Customer, depending on the region in which the Order is to be delivered. And are responsible to the Customer for the proper execution of the Order.

7.6. Personal data can be obtained by the Company in one of the following ways: 

  • provided by Personal Data Subjects when using the website or mobile application, including by filling out relevant forms, through sending mail or electronic letters to the email addresses of the Company, etc.; 
  • provided by Personal Data Subjects in other ways; 
  • received from third parties in cases provided by this Policy. 

7.7. The Company has the right to entrust the processing of Personal data to a third party on the basis of a contract concluded with this party (operator assignment). A person processing personal data on behalf of the Company is obliged to observe the principles and rules of personal data processing. The Company undertakes to ensure compliance with this condition. 

7.8. The Company processes personal data in the following ways:

  • non-automated processing of personal data;
  • automated processing of personal data with the transmission of received information through information and telecommunication networks or without it;
  • mixed processing of personal data.

7.9. The Company carries out collection, receipt, recording, systematization, searching, analysis, acquisition, comparison, matching, accumulation, storage, clarification (update, change), extraction, use, transmission (distribution, provision, access), blocking, deletion, destruction and other actions with personal data. 

7.10. The Company ensures the Processing of Personal data of Personal data subjects - citizens of the Russian Federation using databases located in the territory of the Russian Federation, except in cases provided for in paragraphs 2, 3, 4, 8 of part 1 of Article 6 of the Federal Law of the Russian Federation No. 152-FZ of July 27, 2006 "On Personal Data".

7.11. The Company does not process special categories of Personal data relating to race, nationality, political views, religious or philosophical beliefs, health status, private life. 

7.12. The Company does not carry out Cross-border transfer of Personal Data. When placing an order by the Customer for the delivery of Goods outside the Russian Federation, Customer data is not transmitted and processed only in the Russian Federation. The data about the Recipient required for the delivery of the Order is transmitted only if the Recipient is not a citizen of the Russian Federation. In case of placing an order outside the Russian Federation, the Customer guarantees that the Recipient is not a citizen of the Russian Federation, and all the data specified by the Customer for the delivery of the Goods are not transmitted as part of the Cross-border transfer of Personal Data.

The Company is not responsible for the accuracy of the information specified by the Customer about the Recipient and the Company is not responsible for the processing of personal data of Recipients specified by the Customer when placing an Order.

7.13. The processing of Personal data can be carried out by the Company's employees. 

 

7.14. The Company and other persons who have access to personal data are obliged not to disclose to third parties and not to disseminate personal data without the consent of the Personal data subject, unless otherwise provided by federal law. 

 

7.15. The Company terminates the processing of personal data upon achieving the goals of personal data processing, expiration of the consent term, or withdrawal of consent by the Subject for the processing of his personal data, as well as upon detection of unlawful processing of personal data.

  1. Terms of storage, processing, deletion, and destruction of personal data

8.1. The terms for processing and storing the personal data of personal data subjects are determined based on the processing objectives: 

  • Customers' personal data - during the use of the website and mobile application, no longer than 20 years from the date of the last usage. 
  • Recipients' personal data - within 20 years from the moment of order delivery to the recipient. 
  • The personal data of the Company's contractors - during the contract's term, no longer than 15 years from the termination of the said term. 
  • The personal data of the Company's job candidates - within 30 working days from the refusal of employment or during the entire term of employment with the company. 
  • The personal data of the Company's employees and former employees - during the term of the employment contract, and after its termination in accordance with the terms set by the legislation of the Russian Federation for this category of persons. 
  • Personal data of Personal Data Subjects mentioned in clause 3.2.6 of the Policy - within 20 years. 
  • Personal data of loyalty program participants - within 20 years. 

8.2. Personal data whose storage and processing periods have expired must be destroyed unless otherwise provided by law. 

8.3. The storage of personal data is carried out in a form that allows the subject to be identified, no longer than the above-mentioned terms or no longer than the purposes of personal data processing require, if the period for storing personal data is not determined by the current legislation of the Russian Federation, this Policy, a contract, the party to which or the beneficiary of which is the Subject. 

8.4. The Company destroys the personal data of the Subject in the following cases, within the terms specified below: 

  • Reaching the maximum storage period - within 30 days; 
  • Provision by the Subject or his representative of confirmation that the personal data were unlawfully obtained or are not necessary for processing - within 7 days; 
  • Inability to ensure the lawfulness of processing - within 7 days; 
  • The Subject's withdrawal of consent to the processing of his personal data, if the retention of personal data is no longer required for the purposes of personal data processing - within 30 days; 
  • Expiry of the statute of limitations for legal relationships within which personal data processing was carried out - within 7 days.
  1. Measures to ensure the security and protection of personal data

9.1. To ensure the security of personal data and their protection during the processing of personal data, the Company takes the necessary and sufficient legal, organizational, and technical measures to protect personal data from unauthorized or accidental access to them, destruction, modification, blocking, copying, provision, distribution of personal data, as well as from other illegal actions in relation to personal data, in particular: 

 

  • Organizational and technical measures are implemented to ensure the security of personal data during their processing in personal data information systems, necessary for complying with the requirements for the protection of personal data, the fulfillment of which ensures the levels of protection of personal data established by the Government of the Russian Federation; 
  • Means of information protection that have undergone the necessary conformity assessment procedure are used; 
  • An evaluation of the effectiveness of the measures taken to ensure the security of personal data is carried out before the personal data information system is put into operation; 
  • Personal data carriers are accounted for; 
  • Measures are taken to detect incidents of unauthorized access to personal data and to take necessary measures to prevent unauthorized access; 
  • The ability to restore personal data lost as a result of unauthorized access to them is implemented; 
  • The rules for access to personal data processed in the personal data information system are established, and all actions performed with personal data in the personal data information system are registered and accounted for; 
  • Control over the effectiveness of measures to ensure the security during the processing and storage of personal data is carried out, as well as monitoring the security of personal data information systems.

9.2. The Company employs the following measures to ensure compliance with the provisions of the Federal Law No. 152-FZ of July 27, 2006 "On Personal Data", in the area of personal data processing: 

  • An individual is appointed to be responsible for organizing the processing of personal data; • Local acts are developed on matters of personal data processing; 
  • Checks are made for the presence in contracts with counterparties and, if necessary, the inclusion of information on the security of personal data in these contracts; 
  • Physical security of premises and means of personal data processing is ensured, including individual key access, security, video surveillance; 
  • Other organizational and technical measures to ensure the security of personal data are applied in accordance with Russian legislation; 
  • Internal control is carried out for compliance with personal data processing in accordance with Russian legislation, requirements for personal data protection, the Company's personal data processing policy, and the Company's internal regulations; 
  • Company employees who process personal data are familiarized with the provisions of Russian legislation on personal data, including the requirements for personal data protection, the Company's policy on personal data processing, and other internal documents of the Company on matters of personal data processing. 
  • Access to personal data by employees is restricted; 
  • Regular control is carried out to ensure the Company's personal data processing compliance with Russian legislation.
  1. Responses to inquiries from personal data subjects

10.1. For the purpose of exercising the rights established by the Federal Law "On Personal Data", a personal data subject or their representative may contact the Company with an appeal or request. 

10.2. Such appeals and requests are sent to the Company in simple written form, indicating the mandatory details provided by the legislation of the Russian Federation, by mail to the address specified in the contact section.

 

Flower Delivery
Cities of Russia
All over the world
Russia
Chelyabinsk Kazan Krasnodar Krasnoyarsk Moscow Nizhniy-Novgorod Novosibirsk Omsk Perm Rostov-on-Don Saint Petersburg Samara Ufa Ulyanovsk Volgograd Voronezh Yekaterinburg
Cities of Stavropol region
World
All countries and cities of the world
You did not find the correct location?
Call us at +370 69198938
Home
Catalog
Cart
Chat
Log In