Privacy
Policy

Key Terms Used in the Policy

• Personal Data means any information relating to an identified or identifiable natural person (personal data subject).
• Personal Data Subject means a natural person who is directly or indirectly identified or identifiable through personal data. Categories of personal data subjects are listed in clause 4.3 of this Policy.
• Processing of Personal Data means any action (operation) or set of actions (operations) performed with or without the use of automation tools on personal data, including collection, recording, systematization, accumulation, storage, updating (modification), retrieval, use, transfer (dissemination, provision, access), anonymization, blocking, deletion, and destruction of personal data.
• Automated Processing of Personal Data means processing of personal data using computing equipment.
• Dissemination of Personal Data means actions aimed at disclosing personal data to an indefinite number of persons.
• Provision of Personal Data means actions aimed at disclosing personal data to a specific person or a specific group of persons.
• Blocking of Personal Data means temporary suspension of personal data processing (except where processing is necessary for clarification of personal data).
• Destruction of Personal Data means actions resulting in the impossibility of restoring the content of personal data in personal data information systems and/or resulting in the destruction of material carriers of personal data.
• Anonymization of Personal Data means actions resulting in the impossibility of identifying personal data as belonging to a specific personal data subject without the use of additional information.
• Biometric Personal Data means information that characterizes physiological and biological features of a person, on the basis of which their identity can be established, and which is used by the Operator to identify the personal data subject.
• Personal Data Law means Federal Law No. 152-FZ dated July 27, 2006 “On Personal Data”.
• Personal Data Operator (Operator) means JSC “MR Group” (OGRN 1067746302491, INN 7714637341, registered address: Premises XXXI, 2 bldg. 2, Novodmitrovskaya St., Moscow, 127015, Russian Federation).
• Security Service means a structural unit of the Operator responsible for ensuring the security of the Company’s activities.
• Operator’s Infrastructure means the totality of information systems, services, and real estate objects owned or leased by the Operator.

The personal data subject has the right to receive information regarding the processing of their personal data, including:

• confirmation of the fact of processing of personal data by the Operator;
• legal grounds and purposes of personal data processing;
• purposes and methods of personal data processing used by the Operator;
• name and location of the Operator, and information about persons (excluding employees) who have access to personal data or to whom personal data may be disclosed;
• processed personal data relating to the subject and the source of such data;
• processing periods, including storage periods;
• procedure for exercising rights under personal data law;
• information on cross-border data transfer;
• details of the processor acting on behalf of the Operator;
• information on compliance measures under Article 18.1 of the Personal Data Law;
• other information provided by applicable law.

The Operator has the right to:

• defend its interests in court;
• provide personal data to third parties where required by applicable law (including tax, law enforcement, and judicial authorities);
• refuse to provide personal data in cases provided for by the legislation;
• process personal data without consent where permitted by the Personal Data Law.

The Operator processes personal data for the following purposes:

• conclusion, performance, and termination of contracts;
• use of cookies to ensure website functionality and security, improve services, and create personalized offers;
• processing website inquiries;
• state registration of real estate transactions;
• opening escrow accounts;
• communication with clients;
• providing access to website services and materials;
• sale of real estate;
• marketing and promotion;
• call center operations.

Legal grounds include:

• applicable laws of the Russian Federation (including Civil Code, Tax Code, Federal Laws No. 208-FZ, 402-FZ, 167-FZ, 214-FZ, etc.);
• contracts with personal data subjects;
• consent to personal data processing.

Processing is permitted where:

• consent is obtained;
• necessary for contract performance;
• necessary to protect vital interests;
• necessary for legitimate interests of the Operator;
• required for journalism, research, or statistics (with anonymization);
• required by law.

The Operator processes personal data in accordance with legal principles and ensures:

• data minimization and purpose limitation;
• storage only as long as necessary;
• destruction or anonymization upon achieving processing purposes.

The Operator shall:

• provide access to personal data within statutory time frame;
• correct or delete inaccurate or unlawful data;
• cease processing upon withdrawal of consent or achievement of purposes;
• notify authorities in case of data breaches within statutory deadlines.

Requests may be submitted:

• in person;
• by mail;
• electronically (signed with electronic signature).