2. General Terms and Definitions
2.1. This Policy uses terms and definitions accordingly:
2.1.4. Privacy of personal data - mandatory for the operator and other individuals having access to personal data, the requirement not to transfer to third parties personal data without the consent of the subject of personal data or other legal basis.
2.1.1. Automated processing of personal data - processing of personal data using computers.
2.1.2. Blocking of personal data - suspension of personal data processing (except when processing is necessary to clarify personal data).
2.1.3. Personal Data Information System - set of personal data in databases and providing information technology and technical means for its processing.
2.1.5. Responsible for managing personal data process in the organization - an employee appointed by order of the Director of the University in charge for ensuring that the University and its employees comply with the legislation of the Russian Federation on personal data, including the requirements for the protection of personal data.
2.1.6. Unauthorized access - access to information, IT systems and IT infrastructure components by unauthorized persons, in violation control rules for access but using regular means by computer equipment or information system.
2.1.7. Personal Data Operator - a state institution, municipal institution, legal or individual person, independently or together with other persons, organizing and (or) carrying out processing of personal data, as well as determining the purposes of personal data processing, personal data components subject to processing, actions (operations) performed with personal data. This Policy defines the Personal Data Operator as ANO HE "Innopolis University".
2.1.8. Anonymization of personal data - actions that make it impossible, without the use of additional information, to determine what personal data belongs to a particular personal data subject.
2.1.9. Processing of personal data - any action (operation) or a set of actions (operations) performed with or without the use of automation means with personal data, including collection, recording, systematization, accumulation, storage, clarification (update, change), extraction, use, transfer (distribution, provision, access), anonymization, blocking, removal, destruction of personal data.
2.1.10. Personal Data - any information relating directly or indirectly to a specific or identifiable individual (the subject of personal data).
2.1.11. Submission personal data - actions to disclose personal data to a particular person or a particular group of persons.
2.1.12. Sharing personal data - actions to disclose personal data to unspecified audience.
2.1.13. Department of the University - department of the University that performs certain processes, functions, and works and participates in the economic activities of the University, but does not have economic independence within the University.
2.1.14. Subject of personal data - an individual who is directly or indirectly defined or identifiable by personal data.
2.1.15. Third Parties - any individuals who are not employees of the University, any legal persons, associations thereof, officials, public authorities and local governments, and other persons entering any legal relations with the University.
2.1.16. Destruction of personal data - actions, resulting in failure to restore the content of personal data in the information system of personal data and (or) as a result of which material personal data carriers are destroyed.