PERSONAL DATA PROCESSING POLICY OF LLC «GROTEX»
-
General Provisions
- This Personal Data Processing Policy (hereinafter - the Policy), adopted by LLC "Grotex" (Primary State Registration Number 1107847033535, Taxpayer Identification Number 7814459396, legal address: Russia, 195279, St. Petersburg, Industrial Ave., bld. 71, corp. 2, lit. A) (hereinafter - Grotex), defines the basic principles, purposes, procedure and conditions for processing personal data of subjects, measures to ensure the security and protection of personal data.
- This Policy has been developed in accordance with the requirements of the Constitution of the Russian Federation, based on the requirements of the Federal Law of the Russian Federation dated July 27, 2006 No. 152-FZ "On Personal Data" and other legislative and regulatory legal acts of the Russian Federation in the field of personal data and is published for unlimited access on the Grotex website at: www.solopharm.com.
- When processing personal data, Grotex proceeds from the need to ensure protection of human and civil rights and freedoms in accordance with the requirements of the legislation of the Russian Federation, guarantees confidentiality regarding the received personal data, taking into account the provisions of this Policy and undertakes to use them only for the purposes specified in the Policy.
- Compliance with the Policy is the main condition for processing personal data and is mandatory for all employees of Grotex.
- The Policy aims to ensure the protection of human and civil rights and freedoms when processing his personal data, including the protection of rights to privacy, personal and family secrets, defining Grotex's policy as an operator regarding the processing of personal data. The Policy regulates relations between Grotex and citizens arising in connection with the processing of their personal data by Grotex using automation tools or without using such tools.
-
TERMS AND DEFINITIONS, COMPOSITION OF PERSONAL DATA
- The terms and definitions used in the Policy are interpreted in accordance with the Federal Law of 07/27/2006 No. 152-FZ "On Personal Data" (hereinafter - the Federal Law "On Personal Data") and other regulatory legal acts of the Russian Federation.
- Personal data - any information relating to directly or indirectly identified or identifiable individual (subject of personal data) (hereinafter - PD).
PD and their categories may vary in the degree of certainty and identifiability of the PD subject and depend on the actual possibility of identifying a specific person and citizen (subject) based on them.
Data that does not identify an individual or does not allow identification of such individual even with the application of any procedures is not PD, and their processing is not related to the need to comply with the legislation of the Russian Federation on PD. Such data may include information such as gender, age, position, profession, hobbies, etc., and information that appears in connection with the widespread penetration of the Internet into everyday life, until such information allows identification of an individual.
- Processing of personal data (hereinafter - PD processing) - any action (operation) or set of actions (operations), performed with or without the use of automation tools with personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, modification), retrieval, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction of personal data.
- Operator - a state or municipal body, legal entity or individual, independently or jointly with other persons organizing and (or) carrying out processing of personal data, as well as determining the purposes of processing personal data, the composition of personal data, subject to processing, actions (operations), performed with personal data. For the purposes of the Policy, the operator is Grotex.
- PD subjects - identified or identifiable (capable of being identified) individuals. Grotex processes and protects personal data (including last name, first name, patronymic, date of birth, place of work, profession, position, contact phone number, email address, etc.) of clients and counterparties of Grotex, consumers of goods produced and supplied by Grotex, participants in events held by Grotex, employees of counterparties, employees of potential counterparties, visitors to the Grotex website(s), as well as personal data, received at the address of the corporate mail of Grotex, ending with @grotexmed.com (hereinafter - Corporate Mail), subjects who have expressed consent to the processing of personal data (hereinafter - Consent) by sending information through selected forms on the Site pages, sending an electronic letter, filling out consent in written form. The moment of acceptance of the Consent is marking the corresponding field in the Form and clicking on the submit button of the Form on any page of the Site, as well as clicking on the button sending electronic letter containing the personal data of the subject, to the address of the Corporate Mail, receiving written consent.
- While the Grotex website is used, texts are read and other information is downloaded, certain data about the computer from which the visitor views the Grotex site is registered automatically.
When using the site, Grotex collects the following information:
- date and time of visiting the site;
- number of pages visited, their names, as well as viewing duration;
- IP address assigned to the device for Internet access;
- browser type and operating system;
- URL of the site from which the transition was made.
-
CONDITIONS AND PURPOSES OF PERSONAL DATA PROCESSING
- Grotex processes PD for the purpose of manufacturing pharmaceutical products, chemical products, carrying out wholesale trade activities in pharmaceutical and medical goods, trade-purchasing and trade-intermediary activities, including in the foreign market, as well as in the domestic market, conducting marketing analyses and research, carrying out marketing and advertising activities, conducting scientific research and development in the field of natural (chemical, biological, medical, pharmaceutical) sciences, and other types of activities provided for by the Charter of Grotex, improving the quality of activities, fulfilling the requirements of the legislation of the Russian Federation, carrying out contractual, civil law relations with individuals in accordance with the Civil Code of the Russian Federation, conducting statistical and other research.
- By receiving PD from individuals specified in this Policy and starting their processing, Grotex becomes an operator. PD processing is carried out by Grotex in compliance with the principles, conditions and rules provided for by legislation on PD, as well as in accordance with this Policy in the following main cases:
- Processing of personal data is carried out with the consent of the PD subject to process his PD. To include any PD in publicly available sources of PD and/or transfer PD to third parties it is necessary to obtain the specified consent in written form or in the form of an electronic letter, or to obtain consent through the website. This case includes, in particular, the processing of PD:
- participants in educational and scientific events conducted by Grotex or with its direct participation for the purpose of accounting for the number of participants, analyzing their professional interests, ensuring the current level of security in Grotex, including the current access control system and monitoring its compliance, video surveillance and video recording on the territory and in the premises where Grotex is located; ensuring information about events held by Grotex, research performed, projects implemented and their results; promoting goods, works, services of Grotex on the market, including through direct contacts with PD subjects, as well as through communication means;
- managers, representatives, employees of organizations, legal entities - counterparties or potential counterparties under contracts, agreements and contracts (hereinafter collectively - contracts), clients, consumers, visitors to the Grotex website for the purpose of preparing for the conclusion of contracts and execution of such contracts, maintaining records of concluded contracts, for the purpose of conducting analysis, research on quality, level of activities performed by Grotex;
- sending reference and marketing information to site users, by sending messages to the email address specified by the site visitor; providing users with the opportunity for feedback with Grotex; providing site users consultations on issues related to goods produced by Grotex, for marketing activities and user support, as well as for other purposes not contrary to the current legislation of the Russian Federation and conditions of agreements between Grotex and the relevant site users.
- PD processing is necessary for the implementation and performance of functions, powers and duties assigned by the legislation of the Russian Federation to Grotex as an operator.
- PD processing is necessary for production, entrepreneurial, scientific, research activities provided that the rights and legitimate interests of the personal data subject are not violated;
- PD processing is carried out for statistical or other research purposes.
- All the above PD of subjects are processed in the volume and within the time limits provided for by the relevant consents to PD processing, including those expressed in the text of civil law contracts, and/or in regulatory legal acts, and/or local regulatory acts of Grotex, and/or arising from such regulatory legal acts and local regulatory acts of Grotex, or within the time limits necessary to achieve the specified goals. The above conditions for PD processing are not exhaustive. Provided consents to PD processing may supplement or otherwise change the purposes, scope, methods and terms of PD processing.
- Processing of PD of other persons is carried out if they have given their consents, if they actually interact with Grotex, including in the form of arising or existing legal relations. Unless otherwise specified in the Policy, concluded contracts or consents to PD processing provided by PD subjects, Grotex uses such PD exclusively for the purposes for which they were provided to Grotex.
- Employees of Grotex who process PD on behalf of Grotex must, in advance, before starting PD processing, ensure its admissibility and legality, verify that Grotex possesses the corresponding powers and/or consents of PD subjects. In the absence of such powers and/or consents the specified employee of Grotex must ensure obtaining consent from the subject whose PD processing is planned. In this regard, he may:
- provide for obtaining consents to PD processing from the corresponding PD subjects in various electronic registration forms, correspondence by electronic mail, telephone conversations and personal meetings, with mandatory recording of such consent in any form that allows the fact of its receipt to be confirmed, including with subsequent personal confirmation of the consents by such subjects in written form;
- use the recommended form of written consent, which can be obtained from his immediate supervisor, head of the service to which the employee is assigned or from the financial service of Grotex legal department.
- Whenever obtaining the necessary consent for PD processing is impossible and there are sufficient grounds to believe that PD processing may violate the rights of the PD subject(s), the corresponding employee of Grotex notifies in any fixed way (on paper, by corporate email, fax, SMS) his immediate supervisor and the head of the service to which the employee is assigned, for developing a reasonable approach to PD processing or establishing the impossibility of their processing.
Heads of structural divisions of Grotex, in whose direct activities the processing of subjects' PD occurs, ensure that all necessary measures are taken to comply with the legality of PD processing, including obtaining consents for processing and, if necessary, developing local regulatory acts defining the conditions for processing PD of the corresponding groups of subjects. The specified powers can be delegated by the heads of structural divisions of Grotex to other employees of Grotex.
- Unless otherwise indicated, by providing his PD to Grotex, the PD subject accepts the terms of the Policy and thereby freely, of his own free will and in his own interest disposes of them, understands the consequences of their provision and expresses his consent to their processing for the purposes for which they are provided, as well as for the purposes of compliance by Grotex with regulatory and non-regulatory legal acts adopted in the Russian Federation; execution of decisions, instructions and requests of state authorities performing certain functions and powers of the founder of Grotex, as well as other state authorities and their officials; ensuring information about events held by Grotex, research performed, projects implemented and their results; promoting goods, works, services of Grotex on the market, including through direct contacts with PD subjects, including through communication means; carrying out by Grotex its statutory activities; as well as accumulating information about persons interacting with Grotex, by collecting, recording, systematizing, accumulating, storing, clarifying (updating, changing), retrieving, using, transferring (distributing, providing, accessing), depersonalizing, blocking, deleting, destroying, performed, including with the use of automation tools.
The volume of processed PD in the specified case is limited to those data, which are provided by PD subjects independently by their consent, the term of PD processing is not limited, until the PD subject declares withdrawal of his consent to the processing of his PD. Despite the wide range of actions allowed with PD, for the performance of which such consent is given, when processing PD, Grotex is limited to achieving specific, predetermined, lawful goals and does not allow redundancy of their processing. Grotex does not sell or provide PD for use in any objective form. PD processing in Grotex beyond the above cases, in the absence of consents of PD subjects to their processing, is prohibited.
- The person responsible in Grotex for organizing the processing of personal data is an employee appointed by order of the General Director of Grotex.
-
ACCESS TO PERSONAL DATA
- Only those persons who are specified or defined in the Policy or internal local acts of Grotex, persons who have been delegated the corresponding powers in the manner established by this Policy are allowed to process PD in Grotex.
- Other employees of Grotex may gain access to PD for the purposes of reading and preparing methodological, analytical, summary and other materials on issues related to the activities of such persons or structural divisions of Grotex to which they belong. Access of employees of third parties to PD may be carried out exclusively under the condition of Grotex receiving obligations from such persons to maintain confidentiality, non-disclosure of the corresponding PD to other persons.
- Persons guilty of violating the procedure for processing PD bear the responsibility provided for by the legislation of the Russian Federation. In relation to employees of Grotex who violated the procedure for processing PD, disciplinary measures may be applied.
-
FEATURES OF PERSONAL DATA PROTECTION
- Protection of PD consists of taking legal, organizational and technical measures aimed at:
- ensuring the protection of PD from unauthorized access, destruction, modification, blocking, copying, provision, distribution, as well as from other unlawful actions regarding PD;
- maintaining the confidentiality of PD;
- implementing the right to access PD.
- Grotex ensures the effective operation of the PD protection system, which includes organizational and (or) technical measures, determined taking into account current threats to PD security and information technologies, used in information systems.
- Protection of PD stored in electronic databases and in information systems of Grotex, from unauthorized access, distortion and destruction of information, as well as from other unlawful actions, is ensured by differentiating access rights using an account and password system.
- The organization of PD storage in Grotex is carried out in a manner that excludes their loss or their unlawful use.
- To regulate access of Grotex employees to PD, documents, including electronic, other material carriers, databases and information systems containing PD, in order to exclude unauthorized access by third parties, employees who process PD in Grotex by position, must comply with and ensure:
- strict selective and justified distribution of documents, other material carriers containing PD, among employees;
- rational placement of employees' workplaces, which excludes uncontrolled use of PD;
- knowledge by the relevant employees of the requirements of regulatory legal and local regulatory acts on information protection and maintaining the confidentiality of such information;
- availability of necessary conditions in the premises for working with documents, other material carriers, databases and information systems containing PD;
- determination and regulation of the composition of employees who have the right to access databases and information systems containing PD;
- organization of the procedure for the destruction of material carriers containing PD, and its compliance;
- timely identification of violations of the requirements of the permissive system of access to PD;
- work in the structural unit to prevent the loss and disclosure of PD when working with them;
- restriction of access to documents, other material carriers, databases and information systems, containing PD.
- All measures to ensure the confidentiality of PD during their processing apply both to material carriers and PD presented in electronic format.
- The measures for protecting personal data applied in Grotex include:
- appointment of a responsible person for organizing the processing of personal data;
- application of legal, technical and organizational measures to ensure security of personal data;
- assessment of the harm that may be caused to personal data subjects in case of violation of the requirements of the legislation, the ratio of harm and the security measures taken by Grotex;
- use of protected premises with restricted access for the placement of servers of information systems of personal data, as well as the use of lockable cabinets for storing paper carriers of personal data;
- familiarization of Grotex employees who directly carry out the processing of personal data, with the provisions of the legislation of the Russian Federation on personal data;
- control over the measures taken to ensure the security of personal data.
-
Log Information, "Cookies" and "Web Beacons" Technologies
- The Grotex website(s) collects standard session log information, including IP address, type and language of the browser, as well as data on the time of visit and addresses of websites from which the transition was made via links. To ensure effective site management and assist in customizing the user interface, Grotex may use cookies (small text files stored in the visitor's browser) or web beacons (electronic images) together with tracking pixels, allowing the site to count the number of visitors who visited a certain page, and provide access to certain cookie files. The collected standard information is used exclusively for statistical purposes. Grotex does not use personal data to personally identify any of the users. However, when authorizing registered users on the Grotex website, it may use this information in combination with information obtained through data analysis tools and cookie files in order to analyze how the user uses the site.
- By using the site, the user gives his consent for Grotex to download cookie files to the user's device under the conditions described above.
- The user has the ability to manage cookie files by referring to the browser settings. In case of deletion of cookie files, all data on the User's preferences will be deleted, including the preference to refuse the use of cookie files. In case of blocking cookie files, changes may affect the user interface, and some components of the site may become unavailable.
-
RIGHTS AND OBLIGATIONS OF THE PERSONAL DATA SUBJECT
- The personal data subject has the right:
- to demand clarification of his personal data, their updating, blocking or destruction;
- to receive a list of his personal data processed by Grotex, the source of their receipt, information about the terms of processing his personal data, including the terms of their storage, and other information about the processing of his personal data;
- to demand notification of all persons who were previously informed of his incorrect or incomplete personal data, about all corrections or additions made;
- to appeal in the prescribed manner unlawful actions or inaction during the processing of his personal data.
- PD subjects undertake to provide only reliable data about themselves.
- Consent to the processing of personal data is granted by PD subjects for the entire period necessary for Grotex to achieve the purposes of processing.
- Consent to the processing of personal data may be withdrawn by the PD subject by sending a written application to the address of Grotex: 195279 Russia, St. Petersburg, Industrial Ave., house 71, building 2, letter A or to the address of the Corporate Mail (grtx@grotexmed.com).
- Persons who have transmitted information to Grotex through the website about another personal data subject, without having the consent of the subject whose personal data were transmitted, bear responsibility in accordance with the legislation of the Russian Federation.
-
FINAL PROVISIONS
- This Policy is subject to change or addition in cases of making corresponding changes or additions to the current legislation of the Russian Federation on personal data, and also may be changed at any time at the discretion of Grotex. The current version of the Policy in Grotex is always available for viewing by an unlimited number of persons on the website at: www.solopharm.com.
- All relations involving Grotex, concerning the processing and protection of personal data and not directly reflected in this Policy, are regulated in accordance with the provisions of the current legislation of the Russian Federation on personal data.
- Control over the implementation of the requirements of this Policy is carried out by the person responsible for organizing the processing of personal data in Grotex.
The date the Policy was last updated was July 10, 2019.