Privacy policy
Policy regarding the processing of personal data of Innostage LLC on the website https://innostage-group.com/
General Provisions
Privacy Policy of Innostage LLC (Taxpayer Identification Number (INN) 1655428600, Primary State Registration Number (OGRN) 1191690099028, registered address: 60 Podluzhnaya St., Kazan, Republic of Tatarstan, 420015, Russian Federation) regarding the processing of personal data.
1.1. This Privacy Policy of Innostage LLC (hereinafter referred to as the “Policy”) is developed in accordance with the provisions of Federal Law No. 152-FZ dated July 27, 2006 “On Personal Data” (hereinafter referred to as the “Personal Data Law”), as well as other regulatory legal acts, the company’s charter documents, and agreements specified in clauses 3.1–3.2 of this Policy.
The Policy defines the procedure for processing personal data and the measures taken to ensure the security of personal data by Innostage LLC (hereinafter referred to as the “Operator”).
1.2. This Policy applies to all personal data processed by Innostage LLC. The Operator considers compliance with human and civil rights and freedoms, including the right to privacy and protection of personal and family secrets, to be a fundamental condition of its activities.
1.3. This Policy applies to personal data processing relationships that arose both before and after the approval of this Policy.
1.4. In accordance with Part 2 of Article 18.1 of the Personal Data Law, this Policy is publicly available on the Internet at: https://innostage-group.com/ (hereinafter referred to as the “Website”).
This Policy applies to all information that the Operator may obtain through the Website, as well as through other websites, services, social media accounts, and other products of the Operator that collect personal data and contain a reference to this Policy on the Internet.
1.5. Use of the Website services by the User constitutes unconditional acceptance of this Privacy Policy and the terms of processing of the User’s personal data.
If the User does not agree with the terms of this Privacy Policy, they must discontinue use of the Website.
1.6. Key Definitions
Personal Data — any information relating directly or indirectly to an identified or identifiable individual (data subject, including a client, user, or website visitor).
Client — an individual entering into or having entered into a civil law contract with the Operator.
Website User — a person who provides personal data on the Website for feedback purposes, to obtain information about the Operator’s goods/services, or to enter into a contract.
Website Visitor — a person accessing the Website (including any subdomains and pages).
Personal Data Operator (Operator) — Innostage LLC (INN 1655428600, address: 60 Podluzhnaya St., Kazan, Republic of Tatarstan, 420015, Russian Federation), which independently or jointly organizes and/or carries out personal data processing and determines the purposes, scope, and operations performed on personal data.
Processing of Personal Data — any action (operation) or set of actions performed on personal data, with or without the use of automation tools, including:
Distribution of Personal Data — actions aimed at disclosing personal data to an indefinite number of persons or making personal data accessible to an unlimited number of persons, including publication in mass media or placement in information and telecommunication networks.
Provision of Personal Data — actions aimed at disclosing personal data to a specific person or group of persons.
Blocking of Personal Data — temporary suspension of personal data processing (except where processing is necessary for clarification).
Destruction of Personal Data — actions resulting in the irreversible loss of the ability to restore personal data.
Anonymization of Personal Data — actions making it impossible to identify personal data as belonging to a specific individual without additional information.
Personal Data Information System — a set of personal data contained in databases and the information technologies and technical means ensuring their processing.
Cross-border Transfer of Personal Data — transfer of personal data to the territory of a foreign state, to a foreign government authority, foreign individual, or foreign legal entity.
1.6. Rights and Obligations of the Operator
1.6.1. The Operator has the right to:
1.6.2. The Operator is obliged to:
1.7. Rights of the Personal Data Subject
1.7.1. The data subject has the right to:
1.7.2. The data subject is obliged to:
1.8. Persons who provide inaccurate data or disclose personal data of another individual without consent shall be liable in accordance with Russian law.
1.9. Compliance with this Policy is monitored by a designated person responsible for personal data processing within the Operator. Liability for violations is determined under applicable Russian law.
1.10. Principles of Personal Data Processing
Privacy Policy of Innostage LLC (Taxpayer Identification Number (INN) 1655428600, Primary State Registration Number (OGRN) 1191690099028, registered address: 60 Podluzhnaya St., Kazan, Republic of Tatarstan, 420015, Russian Federation) regarding the processing of personal data.
1.1. This Privacy Policy of Innostage LLC (hereinafter referred to as the “Policy”) is developed in accordance with the provisions of Federal Law No. 152-FZ dated July 27, 2006 “On Personal Data” (hereinafter referred to as the “Personal Data Law”), as well as other regulatory legal acts, the company’s charter documents, and agreements specified in clauses 3.1–3.2 of this Policy.
The Policy defines the procedure for processing personal data and the measures taken to ensure the security of personal data by Innostage LLC (hereinafter referred to as the “Operator”).
1.2. This Policy applies to all personal data processed by Innostage LLC. The Operator considers compliance with human and civil rights and freedoms, including the right to privacy and protection of personal and family secrets, to be a fundamental condition of its activities.
1.3. This Policy applies to personal data processing relationships that arose both before and after the approval of this Policy.
1.4. In accordance with Part 2 of Article 18.1 of the Personal Data Law, this Policy is publicly available on the Internet at: https://innostage-group.com/ (hereinafter referred to as the “Website”).
This Policy applies to all information that the Operator may obtain through the Website, as well as through other websites, services, social media accounts, and other products of the Operator that collect personal data and contain a reference to this Policy on the Internet.
1.5. Use of the Website services by the User constitutes unconditional acceptance of this Privacy Policy and the terms of processing of the User’s personal data.
If the User does not agree with the terms of this Privacy Policy, they must discontinue use of the Website.
1.6. Key Definitions
Personal Data — any information relating directly or indirectly to an identified or identifiable individual (data subject, including a client, user, or website visitor).
Client — an individual entering into or having entered into a civil law contract with the Operator.
Website User — a person who provides personal data on the Website for feedback purposes, to obtain information about the Operator’s goods/services, or to enter into a contract.
Website Visitor — a person accessing the Website (including any subdomains and pages).
Personal Data Operator (Operator) — Innostage LLC (INN 1655428600, address: 60 Podluzhnaya St., Kazan, Republic of Tatarstan, 420015, Russian Federation), which independently or jointly organizes and/or carries out personal data processing and determines the purposes, scope, and operations performed on personal data.
Processing of Personal Data — any action (operation) or set of actions performed on personal data, with or without the use of automation tools, including:
- collection;
- recording;
- systematization;
- accumulation;
- storage;
- updating (modification);
- extraction;
- use;
- transfer (distribution, provision, access);
- anonymization;
- blocking;
- deletion;
- destruction.
Distribution of Personal Data — actions aimed at disclosing personal data to an indefinite number of persons or making personal data accessible to an unlimited number of persons, including publication in mass media or placement in information and telecommunication networks.
Provision of Personal Data — actions aimed at disclosing personal data to a specific person or group of persons.
Blocking of Personal Data — temporary suspension of personal data processing (except where processing is necessary for clarification).
Destruction of Personal Data — actions resulting in the irreversible loss of the ability to restore personal data.
Anonymization of Personal Data — actions making it impossible to identify personal data as belonging to a specific individual without additional information.
Personal Data Information System — a set of personal data contained in databases and the information technologies and technical means ensuring their processing.
Cross-border Transfer of Personal Data — transfer of personal data to the territory of a foreign state, to a foreign government authority, foreign individual, or foreign legal entity.
1.6. Rights and Obligations of the Operator
1.6.1. The Operator has the right to:
- obtain accurate information and/or documents containing personal data from the data subject;
- continue processing personal data without the consent of the data subject if the subject withdraws consent or requests termination of processing, provided there are legal grounds under applicable law;
- independently determine the scope and list of measures necessary and sufficient to comply with personal data legislation;
- entrust the processing of personal data to a third party with the consent of the data subject, based on a contract, provided such party complies with applicable personal data protection requirements.
1.6.2. The Operator is obliged to:
- process personal data in accordance with applicable law;
- provide the data subject with information regarding the processing of their personal data upon request;
- respond to requests from data subjects and their representatives;
- provide information to authorized authorities within statutory deadlines;
- ensure interaction with state cybersecurity systems where required by law;
- publish or otherwise ensure unrestricted access to this Policy;
- appoint a person responsible for organizing personal data processing prior to processing;
- implement legal, organizational, and technical measures to protect personal data;
- cease processing and destroy personal data where required by law;
- perform other obligations established by law.
1.7. Rights of the Personal Data Subject
1.7.1. The data subject has the right to:
- receive information regarding the processing of their personal data;
- request correction, blocking, or deletion of inaccurate or unlawfully obtained personal data;
- require prior consent for processing for marketing purposes;
- withdraw consent and request termination of processing;
- appeal unlawful actions or omissions of the Operator;
- exercise other rights provided by applicable Russian law.
1.7.2. The data subject is obliged to:
- provide accurate personal data;
- notify the Operator of any updates or changes to their personal data.
1.8. Persons who provide inaccurate data or disclose personal data of another individual without consent shall be liable in accordance with Russian law.
1.9. Compliance with this Policy is monitored by a designated person responsible for personal data processing within the Operator. Liability for violations is determined under applicable Russian law.
1.10. Principles of Personal Data Processing
- processing is carried out on a lawful and fair basis;
- processing is limited to specific, predefined, and legitimate purposes;
- incompatible data processing purposes must not be combined;
- only data necessary for processing purposes is processed;
- data must be accurate, sufficient, and up to date;
- excessive data processing is not permitted;
- data is stored only as long as necessary for processing purposes;
- upon achieving processing purposes, personal data must be deleted or anonymized unless otherwise required by law.
2. Purposes of Personal Data Collection
2.1. The processing of personal data is limited to the achievement of specific, predetermined, and lawful purposes. Processing of personal data that is incompatible with the purposes of data collection is not permitted.
2.2. Only personal data that is relevant and necessary for the stated processing purposes shall be processed.
2.3. The Operator processes personal data for the following purposes:
* Device and technical data may include: IP address, operating system type, device type (e.g., personal computer, mobile phone, tablet), browser type, geographic location, form submission activity, and Internet service provider.
** Automatically collected information, including through cookies:
Cookies are small text files that are automatically stored in the User’s browser when visiting the Website. They allow the Website to access stored information on the User’s device when necessary. The Operator uses cookies, for example, to remember the language selected by the User. When the User revisits the Website, this allows the Operator to better account for user preferences. Most web browsers store cookies automatically; however, the User may change browser settings at any time to refuse the storage of cookies.
The Website also collects and processes anonymized visitor data (including cookies) using web analytics services (e.g., Yandex Metrica).
2.4. Processing of employees’ personal data may be carried out solely for the purpose of ensuring compliance with applicable laws and regulations.
2.5. The Operator stores personal data in a form that allows identification of the data subject no longer than required for each specific processing purpose, unless a longer retention period is established by federal law or a contract.
2.1. The processing of personal data is limited to the achievement of specific, predetermined, and lawful purposes. Processing of personal data that is incompatible with the purposes of data collection is not permitted.
2.2. Only personal data that is relevant and necessary for the stated processing purposes shall be processed.
2.3. The Operator processes personal data for the following purposes:
Purpose | Categories of Personal Data | Categories of Data Subjects |
Communication with the user to provide information or arrange consultations upon user request | Full name, email address, employment information (company name), phone number | Prospective clients, clients |
Collection of information on Website usage; conducting statistical and other research based on anonymized data to analyze user behavior and improve the Website and its content | Device and technical data*, automatically collected information including via cookies**, information generated from user actions (including comments, requests, feedback, and inquiries) | Website users |
Distribution of marketing materials; promotion of the Operator’s goods and services; notifications about new products, special offers, and events | Full name, email address, job title, department, current place of employment | Website users |
Performance and/or fulfillment of other functions, powers, and obligations assigned to the Operator under applicable Russian legislation or corporate documents | Full name, phone number, email address, device and technical data*, automatically collected information including via cookies**, information generated from user actions (including comments, requests, feedback, and inquiries) | Prospective clients, clients, Website users |
* Device and technical data may include: IP address, operating system type, device type (e.g., personal computer, mobile phone, tablet), browser type, geographic location, form submission activity, and Internet service provider.
** Automatically collected information, including through cookies:
Cookies are small text files that are automatically stored in the User’s browser when visiting the Website. They allow the Website to access stored information on the User’s device when necessary. The Operator uses cookies, for example, to remember the language selected by the User. When the User revisits the Website, this allows the Operator to better account for user preferences. Most web browsers store cookies automatically; however, the User may change browser settings at any time to refuse the storage of cookies.
The Website also collects and processes anonymized visitor data (including cookies) using web analytics services (e.g., Yandex Metrica).
2.4. Processing of employees’ personal data may be carried out solely for the purpose of ensuring compliance with applicable laws and regulations.
2.5. The Operator stores personal data in a form that allows identification of the data subject no longer than required for each specific processing purpose, unless a longer retention period is established by federal law or a contract.
3. Legal Grounds for Personal Data Processing
3.1. The legal basis for the processing of personal data is a set of regulatory legal acts pursuant to and in accordance with which the Operator processes personal data, including but not limited to:
3.2. The legal grounds for personal data processing also include:
3.1. The legal basis for the processing of personal data is a set of regulatory legal acts pursuant to and in accordance with which the Operator processes personal data, including but not limited to:
- the Constitution of the Russian Federation;
- the Civil Code of the Russian Federation;
- the Labour Code of the Russian Federation;
- the Tax Code of the Russian Federation;
- Federal Law No. 14-FZ dated February 8, 1998 “On Limited Liability Companies”;
- Federal Law No. 402-FZ dated December 6, 2011 “On Accounting”;
- Federal Law No. 167-FZ dated December 15, 2001 “On Mandatory Pension Insurance in the Russian Federation”;
- other regulatory legal acts governing relations related to the Operator’s activities.
3.2. The legal grounds for personal data processing also include:
- the Operator’s Charter;
- contracts concluded between the Operator and personal data subjects;
- consent of personal data subjects to the processing of their personal data.
4. Scope of Personal Data Processed
4.1. The content and scope of personal data processed must correspond to the stated purposes of processing set out in Section 2 of this Policy. The personal data processed must not be excessive in relation to the stated purposes of processing.
4.2. The Operator does not process biometric personal data (i.e., data relating to physiological and biological characteristics of an individual that can be used to establish their identity), except in cases as required by applicable Russian law.
4.3. The Operator does not process special categories of personal data relating to racial or ethnic origin, political opinions, religious or philosophical beliefs, health status, or intimate life, except in cases required by applicable Russian law.
4.1. The content and scope of personal data processed must correspond to the stated purposes of processing set out in Section 2 of this Policy. The personal data processed must not be excessive in relation to the stated purposes of processing.
4.2. The Operator does not process biometric personal data (i.e., data relating to physiological and biological characteristics of an individual that can be used to establish their identity), except in cases as required by applicable Russian law.
4.3. The Operator does not process special categories of personal data relating to racial or ethnic origin, political opinions, religious or philosophical beliefs, health status, or intimate life, except in cases required by applicable Russian law.
5. Procedure and Conditions for Personal Data Processing
5.1.Personal data shall be processed by the Operator in accordance with the requirements of the legislation of the Russian Federation.
5.2. Personal data shall be processed with the consent of the personal data subject, as well as without such consent in cases as provided for by applicable Russian law.
5.3. Processing of personal data is necessary to achieve the purposes stipulated by international treaties of the Russian Federation or by law, to perform functions, powers, and obligations imposed on the Operator by Russian law, as well as for the purposes specified in Clause 2.3 of this Policy.
5.4. Personal data processing may be necessary for the administration of justice, enforcement of a court decision, or execution of an act of another authority or official subject to enforcement under Russian legislation (where applicable).
5.5. Processing of personal data may be necessary for the performance of a contract to which the personal data subject is a party, beneficiary, or guarantor, as well as for entering into a contract at the initiative of the data subject (where applicable).
5.6. Processing of personal data may be necessary to protect the rights and legitimate interests of the Operator or third parties, or to achieve socially significant objectives, provided that the rights and freedoms of the personal data subject are not violated.
5.7. The Operator processes personal data made publicly available by the personal data subject or at their request (hereinafter — publicly available personal data).
5.8. The Operator processes personal data subject to publication or mandatory disclosure in accordance with federal law.
5.9. The security of personal data processed by the Operator is ensured through the implementation of legal, organizational, and technical measures necessary to fully comply with applicable data protection legislation.
5.10. The Operator ensures the safety of personal data and takes all reasonable measures to prevent unauthorized access.
5.11. The User’s personal data shall not be transferred to third parties under any circumstances, except where required by law or where the data subject has given consent for such transfer.
5.12. In the event of inaccuracies in personal data, the User may update such data by sending a notification to the Operator at Marketing@innostage-group.ru with the subject line “Personal Data Update” or to the Operator’s registered address specified in Clause 1.5 of this Policy.
5.13. The User may withdraw their consent to the processing of personal data at any time by sending a notification to Marketing@innostage-group.ru with the subject line “Withdrawal of Consent to Personal Data Processing” or to the Operator’s registered address specified in Clause 1.5 of this Policy.
5.14. All information collected by third-party services, including communication providers and other service providers, is stored and processed by such entities in accordance with their respective privacy policies and terms of use. The Operator shall not be liable for the actions of third parties.
5.15. Restrictions imposed by the personal data subject on the transfer or processing of publicly available personal data do not apply where such processing is carried out in state, public, or other legally established public interests.
5.16. The Operator ensures the confidentiality of personal data. Personal data shall not be disclosed or distributed to third parties without the consent of the data subject, unless otherwise provided by law.
5.17. Personal data shall be stored in a form that allows identification of the data subject no longer than necessary for the purposes of processing, unless otherwise established by law or contract.
5.18. The following may serve as grounds for termination of personal data processing:
5.19. The Operator processes personal data using the following methods:
5.20. Only employees of the Operator whose job duties include personal data processing are authorized to process such data.
5.21. Personal data is processed for each purpose specified in Clause 2.3 by:
5.22. The Operator performs the following actions with personal data: collection, recording, systematization, accumulation, storage, updating, extraction, use, transfer (including distribution, provision, and access, subject to consent where required), anonymization, blocking, deletion, and destruction.
Processing may be automated with or without data transmission via telecommunication networks.
Cross-border transfer of personal data is not carried out by the Operator.
5.23. Disclosure or distribution of personal data without the consent of the data subject is not permitted unless required by law.
Consent for the processing of personal data permitted for dissemination shall be obtained separately from other consents, in accordance with Roskomnadzor Order No. 18 dated February 24, 2021.
5.24. Personal data may be transferred to law enforcement authorities, tax authorities, the Social Fund of Russia, and other authorized bodies in accordance with Russian legislation.
5.25. The Operator implements necessary legal, organizational, and technical measures to protect personal data, including:
5.26. Personal data shall be stored no longer than necessary for each processing purpose, unless otherwise required by law or contract.
5.26.1. Paper-based personal data shall be stored in accordance with Russian archival legislation, including Federal Law No. 125-FZ “On Archival Affairs in the Russian Federation” and applicable archival retention schedules.
5.26.2. Retention periods for personal data in information systems shall correspond to those for paper records.
5.27. The Operator shall cease processing personal data in the following cases:
5.28. Upon achievement of processing purposes or withdrawal of consent, the Operator shall cease processing unless:
5.29. When collecting personal data, including via the Internet, the Operator ensures that personal data of Russian citizens is recorded, stored, and processed using databases located within the territory of the Russian Federation, except as otherwise provided by law.
5.1.Personal data shall be processed by the Operator in accordance with the requirements of the legislation of the Russian Federation.
5.2. Personal data shall be processed with the consent of the personal data subject, as well as without such consent in cases as provided for by applicable Russian law.
5.3. Processing of personal data is necessary to achieve the purposes stipulated by international treaties of the Russian Federation or by law, to perform functions, powers, and obligations imposed on the Operator by Russian law, as well as for the purposes specified in Clause 2.3 of this Policy.
5.4. Personal data processing may be necessary for the administration of justice, enforcement of a court decision, or execution of an act of another authority or official subject to enforcement under Russian legislation (where applicable).
5.5. Processing of personal data may be necessary for the performance of a contract to which the personal data subject is a party, beneficiary, or guarantor, as well as for entering into a contract at the initiative of the data subject (where applicable).
5.6. Processing of personal data may be necessary to protect the rights and legitimate interests of the Operator or third parties, or to achieve socially significant objectives, provided that the rights and freedoms of the personal data subject are not violated.
5.7. The Operator processes personal data made publicly available by the personal data subject or at their request (hereinafter — publicly available personal data).
5.8. The Operator processes personal data subject to publication or mandatory disclosure in accordance with federal law.
5.9. The security of personal data processed by the Operator is ensured through the implementation of legal, organizational, and technical measures necessary to fully comply with applicable data protection legislation.
5.10. The Operator ensures the safety of personal data and takes all reasonable measures to prevent unauthorized access.
5.11. The User’s personal data shall not be transferred to third parties under any circumstances, except where required by law or where the data subject has given consent for such transfer.
5.12. In the event of inaccuracies in personal data, the User may update such data by sending a notification to the Operator at Marketing@innostage-group.ru with the subject line “Personal Data Update” or to the Operator’s registered address specified in Clause 1.5 of this Policy.
5.13. The User may withdraw their consent to the processing of personal data at any time by sending a notification to Marketing@innostage-group.ru with the subject line “Withdrawal of Consent to Personal Data Processing” or to the Operator’s registered address specified in Clause 1.5 of this Policy.
5.14. All information collected by third-party services, including communication providers and other service providers, is stored and processed by such entities in accordance with their respective privacy policies and terms of use. The Operator shall not be liable for the actions of third parties.
5.15. Restrictions imposed by the personal data subject on the transfer or processing of publicly available personal data do not apply where such processing is carried out in state, public, or other legally established public interests.
5.16. The Operator ensures the confidentiality of personal data. Personal data shall not be disclosed or distributed to third parties without the consent of the data subject, unless otherwise provided by law.
5.17. Personal data shall be stored in a form that allows identification of the data subject no longer than necessary for the purposes of processing, unless otherwise established by law or contract.
5.18. The following may serve as grounds for termination of personal data processing:
- achievement of processing purposes;
- expiration of the consent period;
- withdrawal of consent by the data subject;
- a request to terminate processing;
- detection of unlawful processing.
5.19. The Operator processes personal data using the following methods:
- non-automated processing;
- automated processing (with or without data transmission via telecommunications networks);
- mixed processing.
5.20. Only employees of the Operator whose job duties include personal data processing are authorized to process such data.
5.21. Personal data is processed for each purpose specified in Clause 2.3 by:
- collecting data directly from data subjects via the Website in written form;
- entering data into logs, registers, and information systems of the Operator.
5.22. The Operator performs the following actions with personal data: collection, recording, systematization, accumulation, storage, updating, extraction, use, transfer (including distribution, provision, and access, subject to consent where required), anonymization, blocking, deletion, and destruction.
Processing may be automated with or without data transmission via telecommunication networks.
Cross-border transfer of personal data is not carried out by the Operator.
5.23. Disclosure or distribution of personal data without the consent of the data subject is not permitted unless required by law.
Consent for the processing of personal data permitted for dissemination shall be obtained separately from other consents, in accordance with Roskomnadzor Order No. 18 dated February 24, 2021.
5.24. Personal data may be transferred to law enforcement authorities, tax authorities, the Social Fund of Russia, and other authorized bodies in accordance with Russian legislation.
5.25. The Operator implements necessary legal, organizational, and technical measures to protect personal data, including:
- identifying security threats;
- adopting internal policies and regulations;
- appointing responsible persons;
- ensuring appropriate working conditions;
- maintaining records of documents containing personal data;
- organizing secure information systems;
- ensuring secure storage conditions;
- training employees.
5.26. Personal data shall be stored no longer than necessary for each processing purpose, unless otherwise required by law or contract.
5.26.1. Paper-based personal data shall be stored in accordance with Russian archival legislation, including Federal Law No. 125-FZ “On Archival Affairs in the Russian Federation” and applicable archival retention schedules.
5.26.2. Retention periods for personal data in information systems shall correspond to those for paper records.
5.27. The Operator shall cease processing personal data in the following cases:
- unlawful processing is identified (within three business days);
- processing purposes have been achieved;
- consent has expired or been withdrawn, where consent is required by law.
5.28. Upon achievement of processing purposes or withdrawal of consent, the Operator shall cease processing unless:
- otherwise provided for by a contract;
- processing without consent is permitted by law;
- otherwise agreed between the Operator and the data subject.
5.29. When collecting personal data, including via the Internet, the Operator ensures that personal data of Russian citizens is recorded, stored, and processed using databases located within the territory of the Russian Federation, except as otherwise provided by law.
6. Updating, Correction, Deletion, and Destruction of Personal Data; Responses to Data Subject Requests
6.1.Confirmation of the fact of personal data processing by the Operator, the legal grounds and purposes of such processing, as well as other information specified in Part 7 of Article 14 of the Personal Data Law, shall be provided by the Operator to the personal data subject or their representative within 10 business days from the date of receipt of the request.
This period may be extended by no more than five business days, provided that the Operator sends a reasoned notification to the data subject explaining the reasons for the extension.
The information provided shall not include personal data relating to other data subjects, except where there are lawful grounds for such disclosure.
The request must include:
The Operator shall provide the requested information in the same form in which the request was submitted, unless otherwise specified.
If the request does not contain all required information or if the requester is not entitled to access the requested data, the Operator shall issue a reasoned refusal.
The right of access to personal data may be restricted in accordance with Part 8 of Article 14 of the Personal Data Law, including where such access would violate the rights and legitimate interests of third parties.
6.2. If inaccurate personal data is identified upon request of the data subject, their representative, or Roskomnadzor, the Operator shall block such personal data from the moment of the request for the period of verification, provided that such blocking does not violate the rights of the data subject or third parties.
If the inaccuracy is confirmed, the Operator shall update the personal data within seven business days from the date of receipt of the relevant information and lift the blocking.
6.3. If unlawful processing of personal data is identified upon request of the data subject, their representative, or Roskomnadzor, the Operator shall block such unlawfully processed personal data from the moment of receipt of the request.
6.4. If the Operator, Roskomnadzor, or another authorized party identifies unlawful or accidental transfer (disclosure, provision, or access) of personal data resulting in a violation of data subject rights, the Operator shall:
6.5. Conditions and Timeframes for Destruction of Personal Data
Personal data shall be destroyed upon achievement of the processing purposes or upon withdrawal of consent by the data subject, unless:
6.5.3. Destruction of personal data shall be carried out by a commission appointed by order of the Operator’s head.
6.5.4. Methods of destruction of personal data are defined in the Operator’s internal regulations.
6.1.Confirmation of the fact of personal data processing by the Operator, the legal grounds and purposes of such processing, as well as other information specified in Part 7 of Article 14 of the Personal Data Law, shall be provided by the Operator to the personal data subject or their representative within 10 business days from the date of receipt of the request.
This period may be extended by no more than five business days, provided that the Operator sends a reasoned notification to the data subject explaining the reasons for the extension.
The information provided shall not include personal data relating to other data subjects, except where there are lawful grounds for such disclosure.
The request must include:
- the number of the primary identity document of the data subject or their representative, as well as details of the date of issue and issuing authority;
- information confirming the data subject’s relationship with the Operator (e.g., contract number and date, identifier, or other relevant details), or otherwise confirming the fact of personal data processing;
- the signature of the data subject or their representative.
The Operator shall provide the requested information in the same form in which the request was submitted, unless otherwise specified.
If the request does not contain all required information or if the requester is not entitled to access the requested data, the Operator shall issue a reasoned refusal.
The right of access to personal data may be restricted in accordance with Part 8 of Article 14 of the Personal Data Law, including where such access would violate the rights and legitimate interests of third parties.
6.2. If inaccurate personal data is identified upon request of the data subject, their representative, or Roskomnadzor, the Operator shall block such personal data from the moment of the request for the period of verification, provided that such blocking does not violate the rights of the data subject or third parties.
If the inaccuracy is confirmed, the Operator shall update the personal data within seven business days from the date of receipt of the relevant information and lift the blocking.
6.3. If unlawful processing of personal data is identified upon request of the data subject, their representative, or Roskomnadzor, the Operator shall block such unlawfully processed personal data from the moment of receipt of the request.
6.4. If the Operator, Roskomnadzor, or another authorized party identifies unlawful or accidental transfer (disclosure, provision, or access) of personal data resulting in a violation of data subject rights, the Operator shall:
- within 24 hours — notify Roskomnadzor of the incident, its suspected causes, potential harm, and measures taken to mitigate consequences, and provide details of the responsible contact person;
- within 72 hours — report the results of the internal investigation and provide information about the persons responsible (if identified).
6.5. Conditions and Timeframes for Destruction of Personal Data
Personal data shall be destroyed upon achievement of the processing purposes or upon withdrawal of consent by the data subject, unless:
- otherwise provided for by a contract involving the data subject;
- the Operator is entitled to process the data without consent under applicable law;
- otherwise provided by an agreement between the Operator and the data subject.
- upon achievement of processing purposes or loss of necessity — within 30 days;
- upon expiry of document retention periods — within 30 days;
- upon confirmation that the data was unlawfully obtained or unnecessary — within 7 business days;
- upon withdrawal of consent (if retention is no longer required) — within 15 days.
6.5.3. Destruction of personal data shall be carried out by a commission appointed by order of the Operator’s head.
6.5.4. Methods of destruction of personal data are defined in the Operator’s internal regulations.
7. Final Provisions
7.1.The User may obtain any clarifications regarding the processing of their personal data by contacting the Operator via email at Marketing@innostage-group.ru or at the Operator’s registered address specified in Clause 1.5 of this Policy.
7.2. Any changes to the Operator’s Personal Data Processing Policy shall be reflected in this document. This Policy shall remain in effect indefinitely until replaced by a new version.
7.3. The current version of the Policy is publicly available at the office of Innostage LLC at:
60 Podluzhnaya St., Kazan, Republic of Tatarstan, 420015, Russian Federation,
as well as on the Website.
7.1.The User may obtain any clarifications regarding the processing of their personal data by contacting the Operator via email at Marketing@innostage-group.ru or at the Operator’s registered address specified in Clause 1.5 of this Policy.
7.2. Any changes to the Operator’s Personal Data Processing Policy shall be reflected in this document. This Policy shall remain in effect indefinitely until replaced by a new version.
7.3. The current version of the Policy is publicly available at the office of Innostage LLC at:
60 Podluzhnaya St., Kazan, Republic of Tatarstan, 420015, Russian Federation,
as well as on the Website.
Consent to Personal Data Processing
THE FORM OF CONSENT OF THE PERSONAL DATA SUBJECT FOR PROCESSING, INCLUDING THE TRANSFER OF HIS PERSONAL DATA
By submitting a request on the information resource — the website https://innostage-group.com/ (hereinafter referred to as the “Website”) via the registration form, I freely, of my own will and in my own interest, give my informed and explicit consent to Innostage LLC (60 Podluzhnaya St., Kazan, Republic of Tatarstan, 420015, Russian Federation; hereinafter referred to as the “Company” or the “Operator”), in accordance with Federal Law No. 152-FZ dated July 27, 2006 “On Personal Data”, to process, including transfer, my personal data:
Communication with the User to provide information or arrange a consultation upon the User’s request.
During processing, the following actions may be performed on personal data:
collection, recording, systematization, accumulation, storage, updating (modification), extraction, use, transfer, anonymization, blocking, deletion, and destruction.
Personal data may be processed both by automated means using computer technologies and without the use of such means.
Transfer of my personal data may be carried out for the purpose of contacting me to provide information or arrange a consultation upon my request to the following organizations processing personal data in the manner described above:
I undertake to promptly notify the Operator of any changes to my personal data within a period not exceeding five (5) days, including upon request of the Operator.
This consent may be withdrawn by:
Consent to the processing of personal data by the above-mentioned third parties may be withdrawn by sending a written request to the respective third parties.
This consent is valid from the moment it is given and shall remain in effect until the earliest of the following events:
In all other matters not covered by this consent, the Operator and the User shall be guided by the Company’s Personal Data Processing Policy available on the Website, as well as by applicable legislation of the Russian Federation.
- full name (if applicable);
- personal and/or business email address;
- employment information (company name, job title).
Communication with the User to provide information or arrange a consultation upon the User’s request.
During processing, the following actions may be performed on personal data:
collection, recording, systematization, accumulation, storage, updating (modification), extraction, use, transfer, anonymization, blocking, deletion, and destruction.
Personal data may be processed both by automated means using computer technologies and without the use of such means.
Transfer of my personal data may be carried out for the purpose of contacting me to provide information or arrange a consultation upon my request to the following organizations processing personal data in the manner described above:
- InnoStage CR LLC (INN 1615015123, OGRN 1191690101448), registered address: Office 223, 7 Universitetskaya St., Innopolis, Verkhneuslonsky District, Republic of Tatarstan, 420500, Russian Federation;
- Telecom Integration LLC (INN 7731642944, OGRN 1107746029874), registered address: Premises XXII, Rooms 9, 10, 12–14, 12A Namyotkina St., Cheremushki Municipal District, Moscow, 117420, Russian Federation;
- Standard Engineering LLC (INN 1635012586, OGRN 1181690095718), registered address: Office 104, 19A Ozernaya St., Bogatye Saby, Sabinsky District, Republic of Tatarstan, 422060, Russian Federation;
- Artko LLC (INN 1657061273, OGRN 1061685049744), registered address: Office 1, Premises 416, 45A Yamasheva Ave., Kazan, Republic of Tatarstan, 420124, Russian Federation.
I undertake to promptly notify the Operator of any changes to my personal data within a period not exceeding five (5) days, including upon request of the Operator.
This consent may be withdrawn by:
- personal application at: 60 Podluzhnaya St., Kazan, Republic of Tatarstan, 420015, Russian Federation; or
- sending a written request (including in the form of an electronic document signed with a simple or qualified electronic signature) to: Marketing@innostage-group.ru or to the address listed above.
Consent to the processing of personal data by the above-mentioned third parties may be withdrawn by sending a written request to the respective third parties.
This consent is valid from the moment it is given and shall remain in effect until the earliest of the following events:
- conclusion of a civil law contract with the User, accompanied by a separate consent for personal data processing;
- withdrawal of consent by the User;
- expiration of one year from the date the consent is given.
In all other matters not covered by this consent, the Operator and the User shall be guided by the Company’s Personal Data Processing Policy available on the Website, as well as by applicable legislation of the Russian Federation.
Consent to Personal Data Processing Using Cookies
By this, the Visitor gives their consent to Innostage LLC (INN 1655428600, registered address: 60 Podluzhnaya St., Kazan, Republic of Tatarstan, 420015, Russian Federation; hereinafter referred to as the “Company”) to process their personal data when visiting and using the website https://innostage-group.com/ (hereinafter referred to as the “Website”), including its subdomains and pages, under the following conditions:
1. This consent is given for the processing of personal data using automated means — cookies (files used by web servers to identify Visitors and store data about them).
2. Categories of Personal Data
The following personal data may be processed:
Cookies are small text files automatically stored in the Visitor’s browser by the Website. They enable the Website to access stored information on the Visitor’s device when necessary. The Operator uses cookies, for example, to remember the language selected by the User. When the Visitor returns to the Website, this allows the Operator to better account for the Visitor’s preferences. Most web browsers automatically accept cookies; however, the Visitor may change browser settings at any time to refuse their storage.
3. Purposes of Processing
Personal data is processed for the following purposes:
4. Legal Grounds
The legal basis for processing personal data includes:
5. Processing Activities
The following actions may be performed with personal data:
collection, recording, accumulation, storage, updating (modification), use, transfer (including provision to Innostage LLC for the purposes specified in Clause 3), blocking, deletion, and destruction.
6. Validity Period of Consent
This consent shall remain valid until the earliest of the following events:
7. Withdrawal of Consent
The Visitor may withdraw this consent by sending a written request to: Marketing@innostage-group.ru
In such case, processing of personal data may continue if there are other legal grounds for such processing under applicable law.
8. Final Provisions
In all matters not covered by this consent, the Operator and the Visitor shall be guided by the Personal Data Processing Policy of Innostage LLC available on the Website https://innostage-group.com/, as well as by applicable legislation of the Russian Federation.
1. This consent is given for the processing of personal data using automated means — cookies (files used by web servers to identify Visitors and store data about them).
2. Categories of Personal Data
The following personal data may be processed:
- IP address;
- data from cookies;
- user data (including location information; type and version of the operating system; browser type and version; device type and screen resolution; time of access to the Website; address of the previous page);
- technical device data: IP address, operating system type, device type (e.g., personal computer, mobile phone, tablet), browser type, geographic location, form submission activity, Internet service provider;
- information automatically obtained when accessing services, including websites, using cookies;
- information obtained as a result of Visitor actions, including comments, requests, feedback, and inquiries;
- anonymized visitor data (including cookies) collected and processed using web analytics services (e.g., Yandex Metrica).
Cookies are small text files automatically stored in the Visitor’s browser by the Website. They enable the Website to access stored information on the Visitor’s device when necessary. The Operator uses cookies, for example, to remember the language selected by the User. When the Visitor returns to the Website, this allows the Operator to better account for the Visitor’s preferences. Most web browsers automatically accept cookies; however, the Visitor may change browser settings at any time to refuse their storage.
3. Purposes of Processing
Personal data is processed for the following purposes:
- collection of information about Website usage;
- improvement of Website performance and functionality;
- statistical analysis of Website usage using analytics tools.
4. Legal Grounds
The legal basis for processing personal data includes:
- Article 24 of the Constitution of the Russian Federation;
- Article 6 of Federal Law No. 152-FZ “On Personal Data”;
- other applicable laws and regulations of the Russian Federation.
5. Processing Activities
The following actions may be performed with personal data:
collection, recording, accumulation, storage, updating (modification), use, transfer (including provision to Innostage LLC for the purposes specified in Clause 3), blocking, deletion, and destruction.
6. Validity Period of Consent
This consent shall remain valid until the earliest of the following events:
- withdrawal of consent by the Visitor;
- expiration of one year from the date of the last consent given by the Visitor.
7. Withdrawal of Consent
The Visitor may withdraw this consent by sending a written request to: Marketing@innostage-group.ru
In such case, processing of personal data may continue if there are other legal grounds for such processing under applicable law.
8. Final Provisions
In all matters not covered by this consent, the Operator and the Visitor shall be guided by the Personal Data Processing Policy of Innostage LLC available on the Website https://innostage-group.com/, as well as by applicable legislation of the Russian Federation.