Gazprom Neft’s anti-COVID-19 programme

Read more

Privacy Regulations

We respect your privacy and are committed to protecting your personal data. The present Privacy Regulations (“the Regulations”) are designed to inform you what personal data we collect through our websites and how we use them.

You can also view our Personal Data Handling Policy, which describes all the processes of personal data handling inside the Company, including processes that are beyond the scope of our websites.

The Regulations were prepared in accordance with Federal Law No. 152-FZ “On Personal Data”, dated 27 July 2006, taking account of the provisions of the General Data Protection Regulation (“GDPR”) (Regulation (EU) 2016/679) dated 27 April 2016 and are intended to ensure the respect of human rights and freedoms in the handling of personal data.

The Regulations have the following sections, which can be accessed via the links:

  1. About the personal data operator
  2. Terms and definitions
  3. List of personal data subjects
  4. Purposes of personal data handling
  5. Data handled by us
  6. Principles we adhere to in handling of personal data
  7. Who we obtain your data from
  8. Who can access your data
  9. Cross-border transfer of your personal data
  10. How long we keep your personal data
  11. Safeguarding your personal data
  12. Your rights as a personal data subject

About the personal data operator

We are Gazprom Neft PJSC, a company registered at the address: Pochtamtskaya ul. d. 3-5, lit. A, St. Petersburg, Russia, 190000 (“the Company” or “we”). We receive personal data from users of our websites and handle such personal data as part of our business.

Terms and definitions

Personal data: any information relating directly or indirectly to a specific or identifiable individual (personal data subject). Personal data include, for example: surname, first name, patronymic, passport details, e-mail address, telephone number.

Personal data handling: any action taken in respect of personal data, including the collection, storage, modification, use, transfer and deletion of personal data.

Cross-border transfer of personal data: transfer of personal data to the territory of a foreign state, to a foreign government, a foreign individual or a foreign legal entity.

Cookie file: a data fragment sent by a website server and stored on your device in order to optimize performance of the website.

List of personal data subjects

We handle the personal data of the following visitors to our websites:

  • applicants for the development of research and development (R&D) projects;
  • applicants for the sale/purchase of pre-prepared proposals for the supply of technologies/catalysts for application in the oil refining and petrochemical industries;
  • applicants for new ideas as part of technology partnerships;
  • investors, including potential investors;
  • job applicants;
  • users wishing to leave feedback;
  • users wishing to subscribe to the newsletter;
  • casual visitors (users who visit our websites without a specific purpose).

Purposes of personal data handling

We handle personal data for the following purposes:

  • ensuring the operation of website services, collecting statistics on website visits and displaying relevant advertising;
  • developing efficient technologies for the oil refining and petrochemical industries;
  • development of the Company;
  • selection of candidates to work at the Company and its subsidiaries;
  • collecting feedback;
  • sending information shots;
  • ensuring compliance with the laws of the Russian Federation (including the execution of court orders);
  • exercise of the rights and legitimate interests of the Company or third parties, or the achievement of socially important goals.

Data handled by us

We handle the following personal data:

  • general information about applicants, investors, users and job applicants (for example: full name, citizenship);
  • contact information of applicants, investors, users and job applicants (for example: email address, contact phone number, mailing address);
  • technical information on the devices used by visitors to our websites (for example: IP address, cookies, MAC address, browser version); click here for more information;
  • other information provided by the personal data subject in designated fields of application forms.

We do not collect information related to race, nationality, political views, religious or philosophical beliefs, personal life or health.

Principles we adhere to in handling of personal data

We are guided in the handling of personal data by the provisions of Federal Law No. 152-FZ “On Personal Data”, dated of 27 July 2006, and we also take account of the provisions of the General Data Protection Regulation (“GDPR”) (Regulation (EU) 2016/679), dated 27 April 2016, and we adhere to the following principles:

  • We handle personal data in a way that is legal, fair and understandable. The Company will only handle your personal data if there are legal grounds for doing so. Such grounds may be: your consent, requirements of law, or a contract. In case of personal data subjects under 14 years of age (the respective age for foreign citizens is determined by national legislation) consent must be given by their legal representative.
  • We handle personal data only for the achievement of specific, predetermined and legitimate objectives. We handle your personal data only for achievement of the objectives for which they were collected and do not use them for other purposes.
  • We handle personal data in the composition and in the amount that corresponds to the stated objectives of handling. We collect the minimum amount of personal data that is necessary in order to achieve the data handling objectives.
  • We ensure the accuracy, adequacy and updating of personal data. We take necessary steps to delete or supplement incomplete or inaccurate personal data.
  • We do not store personal data for longer than is required by the purpose of the data handling. We delete your personal data in a timely manner and do not store it after the objectives of its handling have been achieved or after there is no longer any need to achieve these objectives.
  • We ensure the confidentiality of personal data and apply measures to protect the data. Access to the personal data handled by the Company is limited and is only provided to specific employees. We also take steps to protect your personal data from illegal actions.

Who we obtain your data from

We may receive your data:

  • From you. When you visit our websites, we may handle technical information from your device. We may also handle other personal data if you provide them in the appropriate fields.
  • From our subsidiaries and partners. When you navigate from their websites, some of the technical information from your device may be transmitted to us in order to analyze the operation of the websites.
  • From the HeadHunter recruiting service (if you have applied for one of our job vacancies). You can use your HeadHunter profile or create your own profile on our website in order to apply for the vacancy.

Who can access your data

Based on compliance with the principles described above, your personal data may be shared with the following recipients:

  • Our subsidiaries when you visit their websites through links on our websites, and also when you visit their websites for employment purposes.
  • Technical data may be shared with our partner HeadHunter when there is a request to provide data from your profile for response to an advertised job vacancy.
  • Technical data may also be shared with external websites when following their links posted on our websites (for example, when following links to the Company’s social media accounts).
  • Service providers for web analysis and collection of statistics on website visits, and also for the display of relevant advertising.
  • Government agencies (including regulatory agencies, law enforcement agencies, executive and court agencies), to which the Company is obliged to provide information in accordance with applicable law.
  • Other third parties, if you have given consent to data sharing, or if such transfer is necessary in order to provide services under a contract made with you.

Cross-border transfer of your personal data

We handle your personal data inside the Russian Federation.

If you are a resident of a country other than the Russian Federation, cross-border transfer of your personal data to the servers of our websites in the Russian Federation will occur. We do not transfer your personal data obtained via the websites to other countries.

How long we keep your personal data

Your personal data is deleted as soon as the objective of their handling is achieved or if the objective no longer needs to be achieved. However, in some cases we are obliged to keep your personal data for as long as required by applicable law and international agreements.

Safeguarding your personal data

In order to protect your personal data, we:

  • have appointed a person who is responsible for the handling of personal data;
  • have designed local acts on the handling of personal data;
  • take legal, organizational and technical measures to protect personal data from illegal actions;
  • exercise internal control of compliance of personal data handling with requirements of law and requirements of the Company;
  • evaluate potential harm that may be caused to you in case of breach of these requirements;
  • train our employees on rules for the handling of personal data and on information security rules;
  • handle your personal data using databases that are located inside the Russian Federation;
  • respond to your inquiries regarding the handling of your personal data;
  • interact with the agency responsible for protection of the rights of personal data subjects.

Your rights as a personal data subject

You, as a personal data subject, have the right to:

  • correct personal data that have been provided if they are incomplete and (or) incorrect (Art. 14 of Federal Law-152, Art. 16 of GDPR);
  • withdraw consent to the handling of personal data (Art. 9 of Federal Law-152, Art. 7 of GDPR);
  • obtain information regarding the handling of your personal data (Arts. 14, 16 of Federal Law-152, Art. 15 of GDPR);
  • restrict handling and delete personal data (Arts, 14, 15 of Federal Law-152, Arts. 17, 18 of GDPR);
  • complain to us if you believe that your rights and interests have been breached (Art. 17 of Federal Law-152, Art. 21 of GDPR). We will do our best to remedy the situation. Contacts for communicating with us are given in the Contacts section. You also have the right to file a complaint with the appropriate supervisory authority or court.

If you are a subject of European Union law, you also have the following rights under the GDPR:

  • to receive the personal data that has been provided to us in a structured format and to share this data with other organizations (Art. 20 of GDPR);
  • to receive a copy of the personal data handled by the Company (Art. 15 of GDPR);
  • to receive information about any leakage of personal data (Art. 34 of GDPR).

The rights described above may only be exercised if you are uniquely identified as the personal data subject. We notify you of your obligation to provide us with personal data that are accurate.

Date of publication: 13.01.2022
Previous version: 23.07.2020