We respect your privacy and are committed to protecting your personal data. The present Privacy Regulations (“the Regulations”) are designed to inform you what personal data we collect through our websites and how we use them.
You can also view our Personal Data Handling Policy, which describes all the processes of personal data handling inside the Company, including processes that are beyond the scope of our websites.
The Regulations were prepared in accordance with Federal Law No.
The Regulations have the following sections, which can be accessed via the links:
- About the personal data operator
- Terms and definitions
- List of personal data subjects
- Purposes of personal data handling
- Data handled by us
- Principles we adhere to in handling of personal data
- Who we obtain your data from
- Who can access your data
- Cross-border transfer of your personal data
- How long we keep your personal data
- Safeguarding your personal data
- Your rights as a personal data subject
About the personal data operator
We are Gazprom Neft PJSC, a company registered at the address: Pochtamtskaya ul. d.
Terms and definitions
Personal data: any information relating directly or indirectly to a specific or identifiable individual (personal data subject). Personal data include, for example: surname, first name, patronymic, passport details, e-mail address, telephone number.
Personal data handling: any action taken in respect of personal data, including the collection, storage, modification, use, transfer and deletion of personal data.
Cross-border transfer of personal data: transfer of personal data to the territory of a foreign state, to a foreign government, a foreign individual or a foreign legal entity.
Cookie file: a data fragment sent by a website server and stored on your device in order to optimize performance of the website.
List of personal data subjects
We handle the personal data of the following visitors to our websites:
- applicants for the development of research and development (R&D) projects;
- applicants for the sale/purchase of pre-prepared proposals for the supply of technologies/catalysts for application in the oil refining and petrochemical industries;
- applicants for new ideas as part of technology partnerships;
- investors, including potential investors;
- job applicants;
- users wishing to leave feedback;
- users wishing to subscribe to the newsletter;
- casual visitors (users who visit our websites without a specific purpose).
Purposes of personal data handling
We handle personal data for the following purposes:
- ensuring the operation of website services, collecting statistics on website visits and displaying relevant advertising;
- developing efficient technologies for the oil refining and petrochemical industries;
- development of the Company;
- selection of candidates to work at the Company and its subsidiaries;
- collecting feedback;
- sending information shots;
- ensuring compliance with the laws of the Russian Federation (including the execution of court orders);
- exercise of the rights and legitimate interests of the Company or third parties, or the achievement of socially important goals.
Data handled by us
We handle the following personal data:
- general information about applicants, investors, users and job applicants (for example: full name, citizenship);
- contact information of applicants, investors, users and job applicants (for example: email address, contact phone number, mailing address);
- technical information on the devices used by visitors to our websites (for example: IP address, cookies, MAC address, browser version); click here for more information;
- other information provided by the personal data subject in designated fields of application forms.
We do not collect information related to race, nationality, political views, religious or philosophical beliefs, personal life or health.
Principles we adhere to in handling of personal data
We are guided in the handling of personal data by the provisions of Federal Law No.
- We handle personal data in a way that is legal, fair and understandable. The Company will only handle your personal data if there are legal grounds for doing so. Such grounds may be: your consent, requirements of law, or a contract. In case of personal data subjects under 14 years of age (the respective age for foreign citizens is determined by national legislation) consent must be given by their legal representative.
- We handle personal data only for the achievement of specific, predetermined and legitimate objectives. We handle your personal data only for achievement of the objectives for which they were collected and do not use them for other purposes.
- We handle personal data in the composition and in the amount that corresponds to the stated objectives of handling. We collect the minimum amount of personal data that is necessary in order to achieve the data handling objectives.
- We ensure the accuracy, adequacy and updating of personal data. We take necessary steps to delete or supplement incomplete or inaccurate personal data.
- We do not store personal data for longer than is required by the purpose of the data handling. We delete your personal data in a timely manner and do not store it after the objectives of its handling have been achieved or after there is no longer any need to achieve these objectives.
- We ensure the confidentiality of personal data and apply measures to protect the data. Access to the personal data handled by the Company is limited and is only provided to specific employees. We also take steps to protect your personal data from illegal actions.
Who we obtain your data from
We may receive your data:
- From you. When you visit our websites, we may handle technical information from your device. We may also handle other personal data if you provide them in the appropriate fields.
- From our subsidiaries and partners. When you navigate from their websites, some of the technical information from your device may be transmitted to us in order to analyze the operation of the websites.
- From the HeadHunter recruiting service (if you have applied for one of our job vacancies). You can use your HeadHunter profile or create your own profile on our website in order to apply for the vacancy.
Who can access your data
Based on compliance with the principles described above, your personal data may be shared with the following recipients:
- Our subsidiaries when you visit their websites through links on our websites, and also when you visit their websites for employment purposes.
- Technical data may be shared with our partner HeadHunter when there is a request to provide data from your profile for response to an advertised job vacancy.
- Technical data may also be shared with external websites when following their links posted on our websites (for example, when following links to the Company’s social media accounts).
- Service providers for web analysis and collection of statistics on website visits, and also for the display of relevant advertising.
- Government agencies (including regulatory agencies, law enforcement agencies, executive and court agencies), to which the Company is obliged to provide information in accordance with applicable law.
- Other third parties, if you have given consent to data sharing, or if such transfer is necessary in order to provide services under a contract made with you.
Cross-border transfer of your personal data
We handle your personal data inside the Russian Federation.
If you are a resident of a country other than the Russian Federation, cross-border transfer of your personal data to the servers of our websites in the Russian Federation will occur. We do not transfer your personal data obtained via the websites to other countries.
How long we keep your personal data
Your personal data is deleted as soon as the objective of their handling is achieved or if the objective no longer needs to be achieved. However, in some cases we are obliged to keep your personal data for as long as required by applicable law and international agreements.
Safeguarding your personal data
In order to protect your personal data, we:
- have appointed a person who is responsible for the handling of personal data;
- have designed local acts on the handling of personal data;
- take legal, organizational and technical measures to protect personal data from illegal actions;
- exercise internal control of compliance of personal data handling with requirements of law and requirements of the Company;
- evaluate potential harm that may be caused to you in case of breach of these requirements;
- train our employees on rules for the handling of personal data and on information security rules;
- handle your personal data using databases that are located inside the Russian Federation;
- respond to your inquiries regarding the handling of your personal data;
- interact with the agency responsible for protection of the rights of personal data subjects.
Your rights as a personal data subject
You, as a personal data subject, have the right to:
- correct personal data that have been provided if they are incomplete and (or) incorrect (Art. 14 of Federal Law-152, Art. 16 of GDPR);
- withdraw consent to the handling of personal data (Art. 9 of Federal Law-152, Art. 7 of GDPR);
- obtain information regarding the handling of your personal data (Arts. 14, 16 of Federal Law-152, Art. 15 of GDPR);
- restrict handling and delete personal data (Arts, 14, 15 of Federal Law-152, Arts. 17, 18 of GDPR);
- complain to us if you believe that your rights and interests have been breached (Art. 17 of Federal Law-152, Art. 21 of GDPR). We will do our best to remedy the situation. Contacts for communicating with us are given in the Contacts section. You also have the right to file a complaint with the appropriate supervisory authority or court.
If you are a subject of European Union law, you also have the following rights under the GDPR:
- to receive the personal data that has been provided to us in a structured format and to share this data with other organizations (Art. 20 of GDPR);
- to receive a copy of the personal data handled by the Company (Art. 15 of GDPR);
- to receive information about any leakage of personal data (Art. 34 of GDPR).
The rights described above may only be exercised if you are uniquely identified as the personal data subject. We notify you of your obligation to provide us with personal data that are accurate.
Date of publication: 13.01.2022
Previous version: 23.07.2020