1.1. Present Policy Statement on Emotional Rating users’ personal data processing and protection are developed in order to comply with GDPR.
1.2. Present Policy Statement is an official document which sets forth the arrangements for data processing and protection for individuals who use services, information and programs of Emotional Rating positioned the domain EmotionalRating.com (i.e. Emotional Rating users).
1.3. The purpose of Policy Statement is privacy assurance and personal Emotional Rating users’ data protection; assurance of users’ rights during data processing; allocation of responsibility of employees and officials who have access to Emotional Rating users' personal data for violation of rules related to personal data processing and protection.
1.4. Policy Statement sets forth rights and responsibilities of managers and employees, data use rules for work-related purposes, coordination arrangements for Emotional Rating users’ data collecting, documenting, storage and destruction.
1.5. Policy Statement effective date and amendment.
1.5.1. Present Policy Statement shall be effective after being signed by CEO and remain in force without limit of time until it is replaced by new Policy Statement.
1.5.2. All amendments are communicated to all employees by publicating on the site.
1.6. All Company employees must be acknowledged with Policy Statement against receipt.
1.7. Emotional Rating users’ personal data is confidential information.
2.1. For the purposes of present Policy Statement we use the following general definitions:
3.1. Personal data definition. Emotional Rating users’ personal data is information required in order to provide services for users when they use Emotional Rating and directed to particular user.
3.2. The scope of personal data is data provided by Emotional Rating users by completing forms, profile settings and other sources on the site, in particular:
3.3. Emotional Rating users’ personal data also includes user data collected by Emotional Rating functionality and processed by computing capacity of the service, in particular:
3.4. Personal data also includes additional data provided by user on demand of Emotional Rating with intent to satisfy and discharge obligations towards user.
3.5. Company has a right to request a copy of document of identification or other document containing first name, last name, photo, and other data necessary and sufficient for user identification with intent to prevent from abusive practice and infringement of third-party rights.
3.6. Emotional Rating user must keep his / her personal data and other information current.
4.1. Personal data is provided by Emotional Rating user by completing forms, profile settings, making a contract or an offer, sending a letter from user to Company.
4.2. Emotional Rating user must provide accurate personal data and notify changes without undue delay. Company has a right to check the veracity of data demanding on a copy of document of identification.
4.3. Company shall not receive and process Emotional Rating user data about his / her ethnicity, nationality, political views, religious and philosophical views, state of health, intimate life due to GDPR regulations.
4.4. Emotional Rating users’ personal data processing is performed with intent to be in compliance with law and to provide personal security.
4.5. Emotional Rating user agrees to personal data processing by completing forms on site and in mobile apps so that to accept Terms & Conditions https://emotionalrating.com/p/terms due to GDPR regulations in terms of Privacy Policy https://emotionalrating.com/p/privacy-policy.
4.6. User’s consent on personal data processing is not obligatory in the following cases:
4.7. Arrangements for personal data processing, transfers and storage. With intent to enforce human and civil rights Company employees and officials must comply with the following general regulations:
4.7.1. Company defines volume and content of processed personal data due to GDPR regulations.
4.7.2. Personal data protection from abusive practice or loss is performed by Company at its expense.
4.7.3. In all the circumstances user’s waiver of right of privacy is void.
5.1.1. Withhold Emotional Rating users’ personal data from third parties without written consent from user except in cases when it is necessary for preventing danger to user’s health or life, in cases captured in legislation throughout the EU, and in cases listed in Privacy Policy https://emotionalrating.com/p/privacy-policy.
5.1.2. Warn third parties who receive Emotional Rating users’ personal data that it may be used only on purposes for what it is communicated, and claim that this regulation must be satisfied. Third parties who receive Emotional Rating users’ personal data must comply with privacy. This regulation does not apply to Emotional Rating users’ personal data communication in cases captured in legislation throughout the EU.
5.1.3. Communicate Emotional Rating users’ personal data within Company due to Policy Statement.
5.1.4. Permit access to Emotional Rating users’ personal data only for designated authorities as required for performing specific functions.
5.1.5. Register requests and communication of Emotional Rating users’ personal data in Registration Log of requested format.
5.2. Emotional Rating users’ personal data storage and use.
5.2.1. Emotional Rating users’ personal data is processed and stored by automation facilities in local computers.
Emotional Rating users’ personal data is stored in local computers in system protected from viruses and local and global network security threats, with authorized access.
5.2.2. Emotional Rating users’ personal data is processed and communicated for storage in both physical and electronic media.
5.2.3. Emotional Rating users’ personal data in physical media is stored in folders in safe. Emotional Rating users’ personal data in electronic media is stored in local computer networks. Access to users’ personal data bases is password-protected. Chief Executive Officer set passwords and communicate them individually among employees who need access to Emotional Rating users’ personal data.
Reference: Emotional Rating users’ personal data storage in accounting office and other departments working with personal data is performed through except access for third parties.
5.2.4. Employees provided with access to Emotional Rating users’ personal data for work-related purposes (СEO, CTO, programmer, chief editor, technical support department) provide personal data storage with except access for third parties.
In absence employees must not keep Emotional Rating users’ personal data in physical media in the workplace.
For vacation leave, business trip or other durial absence form the workplace employee must delegate document storage and media to other employee according with internal regulations.
Reference: if such employee is not appointed, documents and media are delegated to other employee having access to Emotional Rating users’ personal data on direction of unit manager.
In case of removal of such employee documents and media are delegated to other employee having access to Emotional Rating users’ personal data on direction of unit manager.
6.1. Access for employees.
6.1.1. Access to Emotional Rating users’ personal data is given to the following not specifically authorized employees to the extent that they use data for work-related purposes:
6.1.2. Designated authorities have access only to personal data which is necessary for performing functions.
6.1.3. Without authorized access employees are not permitted to have access to Emotional Rating users’ personal data.
6.1.4. Access registration procedure includes:
6.1.5. Personal data communication within Company is performed only by employees having access to Emotional Rating users’ personal data.
6.1.6. Employees are permitted to copy and abstract Emotional Rating users’ personal data only for work-related purposes on direction of unit manager.
6.2. Access for external organisations and third parties.
6.2.2. Access to Emotional Rating users’ personal data is given to third parties for purposes listed in Privacy Policy https://emotionalrating.com/p/privacy-policy with consent of Emotional Rating user. This consent is made through completing forms on site or in mobile apps. This means that user accepts Terms & Conditions and agrees on personal data processing due to GDPR regulations.
6.2.3. Emotional Rating users’ personal data communication is not permitted for commercial purposes without the written consent from user. Emotional Rating users’ personal data processing for promotion of products and services by direct contact with prospects through means of communication is permitted only with advance consent of user.
6.2.4. Employees who transfer Emotional Rating users’ personal data to third parties must take act of acceptance-transfer of documents or other physical media containing personal data.
Act of acceptance-transfer must be made in a form prescribed by Company and must contain notification about responsibility to use personal data only for purposes for which it is transferred.
Transferring of documents and other physical media containing Emotional Rating users’ personal data is performed only to the extent in place:
For arrangements of Emotional Rating users’ personal data transfers specially trained employee and unit manager are responsible.
6.2.5. Emotional Rating users’ personal data is transferred to user’s agent including lawyer in order to comply with law and Policy Statement to the extent in place:
POAs and statements are documents of management and record keeping.
6.2.6. Emotional Rating users’ personal data is transferred to public authorities in order to comply with law and Policy Statement.
6.2.7. Emotional Rating users’ personal data is transferred to relatives and family members only with written consent of user except as otherwise personal data transfers is permitted without written consent by law throughout the EU.
6.2.8. Documents containing Emotional Rating users’ personal data is transferred through federal postal organization in compliance of privacy.
Documents containing Emotional Rating users’ personal data are enclosed with cover letter attached. The envelope contains note of confidentiality of contents and responsibility for illegal disclosure. Then the envelope with cover letter is enclosed in other envelope with postal details for recorded delivery.
6.3. Emotional Rating user has a right to:
6.3.1. Get full information about his / her personal data processing.
6.3.2. Free access to his / her personal data including copying any note containing personal data save in exceptional cases with compliance to law.
6.3.3. Claim to make data more exact and correct, exclude if it is inaccurate, illegally received or unnecessary for Company.
6.3.4. Ask for:
6.3.5. Claim to notificate all persons who were informed of inaccurate or incomplete personal data, about exclusions, corrections and additions.
6.3.6. Lodge a complaint about wrong acts or negative acts of Company related to personal data processing and protection to authorized agency of protection of the rights of subjects of personal data or in legal form.
7.1. Personal data protection from abusive practice or loss is performed by Company at its expense.
7.2. Overall organization of Emotional Rating users’ personal data protection is performed by CEO.
7.3. CEO provides:
7.4. Organization and control of Emotional Rating users’ personal data protection in business and support units where employees have access to personal data, is performed by unit managers.
7.5. The following are liable for protection:
7.6. Personal data in databases is protected from unauthorized access, corruption, destruction or other wrong acts through access rights differentiation with accounts and passwords for authorization.
7.7. In order to provide Emotional Rating users’ personal data security and privacy all functions related to personal data maintenance and storage must be performed only by employees in accordance with employment duties defined in job description.
7.8. Responses to written requests of other organisations and agencies within their competences are given in a written form prescribed by Company and to the extent so that not to disclose extra confidential information.
When Emotional Rating users’ personal data is transferred to third parties including Emotional Rating user’s agents in compliance with Policy Statement, it is limited to the extent enough to perform functions by third parties.
7.9. Emotional Rating users’ personal data transfers via phone, fax, e-mail is forbidden without written consent of user.
8.1. Persons guilty of a violation of Emotional Rating users’ personal data receiving, processing and protecting bear financial, disciplinary, administrative, civil and criminal liability as set forth by law.
8.2. Emotional Rating users’ personal data disclosure to third parties and to employees without right to access, public disclosure, loss of documents or media containing Emotional Rating users’ personal data, other non-compliance with Policy Statement and failures to perform duties of personal data protection and processing according with internal regulations, contribute to admonition or dismission liable to disciplinary action.
8.3. Employees having access to Emotional Rating users’ personal data who commits disciplinary action bear the full financial liability in case of causing damage to Company.
8.4. Employees having access to Emotional Rating users’ personal data guilty of disclosure or personal data misuse for their own ends without consent of user that contribute to major damage, bear criminal liability.