Privacy policy

SEC NRS policy regarding protection and processing of personal data

The Policy of Scientific and Engineering Centre for Nuclear and Radiation Safety (hereinafter — SEC NRS) regarding protection and processing of personal data (hereinafter — Policy) has been developed in order to meet the requirements of the Federal Law dated 27 July 2006 № 152-FZ “On Personal Data” (hereinafter —Federal Law “On Personal Data”) and is aimed at ensuring the protection of human and civil rights and freedoms while processing personal data, including protection of rights to privacy, personal and family secrets.

While processing personal data SEC NRS strictly complies with main principles and rules, set by the Federal Law “On Personal Data”. Personal data, processed by SEC NRS, is classified as confidential information.

SEC NRS complies with the general requirements of the personal data legislation by implementing a set of legal, organizational and technical measures:

  • confidentiality requirements for personal data;
  • requirements to ensure that the subject of personal data exercises his or her rights;
  • requirements to ensure accuracy of personal data and in necessary cases – relevance towards purposes of processing personal data with taking (ensuring) measures to remove or to clarify incomplete or inaccurate data;
  • requirements to protection of personal data from illegal or accidental access, destruction, modification, blocking, copying, provision, distribution of personal data as well as from any other illegal actions towards personal data.

In order to ensure confidentiality and protection of personal data SEC NRS has defined up-to-date threats to the security of personal data while processing it with IT systems and ensures the necessary measures to provide security of personal data, including establishing rules for access to personal data and its storage, use of certified means of information protection, registration of machine information media, detection of unsanctioned access cases to personal data and ensuring measures to prevent such cases, recovery of personal data modified or destroyed due to unsanctioned access, limitation of access to personal data, registration and accounting for actions with personal data.

SEC NRS has appointed a person responsible for organizing the processing of personal data as well as developed and issued local normative acts regulating processing and protection of personal data.

SEC NRS respects the rights of personal data subjects granted by the Federal Law “On Personal Data”, namely:

  • right to free access of the subject to his or her personal data and to obtaining information regarding processing of his or her personal data;
  • right of the personal data subject to demand clarification of his or her personal data, its blocking or destruction in case of personal data being incomplete, outdated, illegally obtained or unnecessary for the declared purpose of processing;
  • right to recall the consent to personal data processing;
  • right to appeal against SEC NRS actions or omissions by applying to the authorized body for protection of personal data subjects’ rights – the Federal Service for Supervision of Communications, Information Technology and Mass Media (Roskomnadzor) or in court.

SEC NRS carries out internal control for compliance of personal data processing with the Federal Law “On Personal Data” and with normative acts and requirements for personal data protection, adopted in accordance with it, as well as assesses the effectiveness of the measures taken to ensure the security of personal data.

SEC NRS employees, that have access to personal data, undertake responsibility to comply with the legal acts regulating processing and protection of personal data established by the legislation of the Russian Federation.

Review and update of this Policy is carried out in connection with the changes to the legislation of the Russian Federation in the field of personal data based on the results of the analysis of relevance, sufficiency and efficiency of the measures taken in regard to ensuring security of personal data processed by SEC NRS.

The Policy was approved by the SEC NRS Order dated 01.10.2021 №133.

«The Policy of Scientific and Engineering Centre for Nuclear and Radiation Safety regarding protection and processing of personal data» (PDF, 600 Kb).