Become a partner
Become our partner
Fill out the form to start mutually beneficial cooperation
You must agree to the terms
Thank you!

Successful message sending.

Personal data processing privacy policy

1. General provisions

1.1. This Personal Data Processing Privacy Policy (hereinafter referred to as the “Policy”) has been developed in accordance with the requirements of paragraph 2, part 1, article 18.1 of the Federal Law No. 152-FZ of July 27, 2006, “On Personal Data” (hereinafter referred to as the “Personal Data Law”) to ensure the protection of the rights and freedoms of individuals when processing their personal data, including the protection of privacy rights, personal and family secrets. The Policy establishes the procedure for processing personal data of users of the website: https://wre.group/ (hereinafter referred to as the “Administration” or the “Operator”) and ensures compliance with the requirements for the protection of citizens’ rights in the processing of personal data.

1.2. The Policy applies to all personal data processed by the Operator. The use of the website’s services signifies the unconditional consent of the User to this Policy and the terms of processing their personal data specified herein; if the User disagrees with these terms, they should refrain from using the services.

1.3. The Policy applies to the relationships regarding personal data processing that have arisen with the Operator both before and after the approval of this Policy.

1.4. In accordance with the requirements of part 2, article 18.1 of the Personal Data Law, this Policy is published in open access on the Internet on the Operator’s website.

2. Basic terms

2.1. For the purposes of this Policy, the following basic terms are used:

Website: A collection of software and hardware means for computers that ensures the publication of data on the Internet for public viewing. The website is accessible through a unique electronic address or its alphabetical designation. It may contain graphic, text, audio, video, and other information reproduced using computers.

Operator: A legal or natural person that organises and/or carries out the processing of personal data, as well as determines the purposes and content of personal data processing.

Personal Data: Any information related to an identified or identifiable natural person (personal data subject), including their last name, first name, patronymic, year, month, date and place of birth, address, family, social, property status, education, profession, income, and other information.

Personal Data Subject: In the context of this Policy, a natural person who is a client—User of the website: https://wre.group/.

Processing of Personal Data: Actions (operations) with personal data, including collection, systematisation, accumulation, storage, updating (modification), use, dissemination (including transfer), anonymisation, blocking, and destruction of personal data.

Confidentiality of Personal Data: A mandatory requirement for the Operator or any other person who has access to personal data to prevent their dissemination without the consent of the personal data subject or other legal grounds.

Dissemination of Personal Data: Actions aimed at transferring personal data to a certain circle of persons or making personal data available to an unlimited number of persons, including publication in the media, placement in information and telecommunication networks, or providing access to personal data in any other way.

Use of Personal Data: Actions (operations) with personal data performed by the Operator for making decisions or taking other actions that create legal consequences for the personal data subject or other persons, or otherwise affect the rights and freedoms of the personal data subject or other persons.

Destruction of Personal Data: Actions that result in the impossibility of restoring the content of personal data in the personal data information system or that result in the destruction of the material carriers of personal data.

Anonymisation of Personal Data: Actions that result in the impossibility of determining the ownership of personal data to a specific personal data subject.

Blocking of Personal Data: Temporary suspension of the collection, systematisation, accumulation, use, and dissemination of personal data, including their transfer.

Personal Data Information System: A set of personal data contained in databases and information technologies and technical means that ensure their processing.

Cross-Border Transfer of Personal Data: Transfer of personal data to the territory of a foreign state, to a foreign state authority, a foreign individual, or a foreign legal entity.

Publicly Available Personal Data: Personal data to which an unlimited number of persons have access with the consent of the personal data subject or data that, in accordance with federal laws, do not require confidentiality.

2.2. Within the framework of this Policy, the User’s personal data are understood as:

2.2.1. Personal data that the User provides about themselves independently when registering (creating an account) or in the process of using the Services, including the User’s personal data. Information required for the provision of Services is specially marked. Other information is provided by the User at their discretion.

2.2.2. Data that is automatically transmitted to the website’s services in the process of their use through the software installed on the User’s device, including IP address, cookie data, information about the User’s browser (or other software used to access the services), technical characteristics of the hardware and software used by the User, date and time of access to the services, addresses of requested pages, and other similar information.

2.2.3. Other information about the User, the processing of which is provided for by the Website Usage Agreement.

2.2.4. This Policy applies only to the website: https://wre.group/ and does not control or take responsibility for third-party websites to which the User may navigate via links available on the website: https://wre.group/.

3. Purposes of processing user personal data

3.1. The website collects and stores only the personal data that are necessary for providing services or fulfilling agreements and contracts with the User, except in cases where the law mandates the storage of personal data for a specified period.

3.2. The website processes the User’s personal data for the following purposes:

3.2.1. Identifying the User registered on the website for the purpose of entering into real estate transactions.

3.2.2. Providing the User with access to the website’s resources.

3.2.3. Establishing feedback with the User, including sending notifications, requests regarding the use of the website, providing services, processing inquiries and requests from the User with the aim of concluding real estate transactions.

3.2.4. Determining the User’s location to ensure security and prevent fraud.

3.2.5. Confirming the accuracy and completeness of the personal data provided by the User.

3.2.6. Creating an account for studying the demand for real estate in foreign regions if the User has consented to the creation of the account.

3.2.7. Informing the User of the website about foreign real estate markets.

3.2.8. Providing efficient client and technical support to the User in case of issues related to the use of the website.

3.2.9. Conducting advertising activities with the User’s consent.

4. Basic rights and obligations of the operator

4.1. The Operator has the right to:

  • Independently determine the composition and list of measures necessary and sufficient to ensure the fulfilment of the obligations stipulated by the Personal Data Law and the regulatory legal acts adopted in accordance with it, unless otherwise provided by the Personal Data Law or other federal laws;
  • Entrust the processing of personal data to another person with the consent of the personal data subject, unless otherwise provided by federal law, based on a contract concluded with this person. The person processing personal data on behalf of the Operator is obliged to comply with the principles and rules for processing personal data stipulated by the Personal Data Law;
  • In case the personal data subject withdraws their consent to the processing of personal data, the Operator has the right to continue processing personal data without the consent of the personal data subject if there are grounds specified in the Personal Data Law.

4.2. The Operator is obliged to:

  • Organise the processing of personal data in accordance with the requirements of the Personal Data Law;
  • Respond to requests and inquiries from personal data subjects and their legal representatives in accordance with the requirements of the Personal Data Law;
  • Notify the authorised body for the protection of the rights of personal data subjects (the Federal Service for Supervision of Communications, Information Technology, and Mass Media—Roskomnadzor) upon request of this body, providing the necessary information within 30 days from the date of receipt of such a request.

4.3. Basic Rights of the Personal Data Subject.

The personal data subject has the right to:

1) Obtain information about the Operator, its location, the availability of personal data related to the respective personal data subject, and to familiarise themselves with such personal data. The personal data subject has the right to request the Operator to update their personal data, block or destroy them if the personal data are incomplete, outdated, inaccurate, illegally obtained, or not necessary for the stated purpose of processing, as well as to take legal measures to protect their rights.

Information about the availability of personal data must be provided to the personal data subject by the Operator in an accessible form and should not contain personal data related to other personal data subjects.

Access to their personal data is provided to the personal data subject or their legal representative upon request. The request must include the number of the primary document identifying the personal data subject or their legal representative, information about the issuance date of the said document and the issuing authority, and the personal signature of the personal data subject or their legal representative. The request can be sent electronically and signed with a digital signature in accordance with the legislation of the Russian Federation;

2) Obtain, upon request or inquiry, information regarding the processing of their personal data, including:

  • Confirmation of the fact of personal data processing by the Operator, as well as the purpose of such processing;
  • Methods of personal data processing used by the Operator;
  • Information about persons who have access to personal data or to whom such access may be granted;
  • A list of processed personal data and the source of their acquisition;
  • Timeframes for the processing of personal data, including the duration of their storage;
  • Information about the legal consequences for the personal data subject that may result from the processing of their personal data;

3) Withdraw consent to the processing of personal data, restrict the methods and forms of processing personal data, and prohibit the dissemination of personal data without their consent;

4) Appeal the actions or inactions of the Operator to the authorised body for the protection of personal data subjects’ rights or in court;

5) Protect their rights and legitimate interests, including the right to compensation for damages and moral harm through judicial procedures.

5. Legal basis for personal data processing

5.1. The legal basis for processing personal data consists of a combination of regulatory legal acts, in compliance with which the Operator carries out the processing of personal data, including:

  • The Constitution of the Russian Federation;
  • The Civil Code of the Russian Federation;
  • Other regulatory legal acts regulating relations related to the advertising activities of the Operator and the user agreement.

6. Processing of personal data

6.1. The processing of personal data is carried out by the Operator exclusively to achieve the purposes defined by this Policy and the user agreement.

6.2. The processing of personal data by the Operator includes collecting, systematising, accumulating, storing, updating (modifying), using, disseminating, anonymising, blocking, destroying, and protecting against unauthorised access.

6.3. The processing of personal data is carried out by automated processing methods.

6.4. Only persons whose duties are directly related to access to and work with the personal data of the User may have access to the processing of the User’s personal data.

6.5. In the event of a corresponding request from the personal data subject, the Operator is obliged to make the necessary changes, destroy, or block the relevant personal data upon providing by the personal data subject or their legal representative of information confirming that the personal data related to the respective subject and processed by the Operator are incomplete, outdated, inaccurate, illegally obtained, or not necessary for the stated purpose of processing. The Operator must notify the personal data subject or their legal representative and third parties to whom the personal data of this subject has been transferred about the changes made and the measures taken.

7. Transfer of personal data

7.1. The transfer of personal data is carried out by the Operator exclusively in cases where it is necessary to fulfil the User Agreement or provide the User with certain Services with the User’s consent.

7.2. The transfer of personal data to third parties is carried out by the Operator only on the basis of a corresponding contract, the essential condition of which is the obligation of the third party to ensure the confidentiality and security of personal data during their processing. This provision does not apply in the case of anonymising personal data and regarding publicly available personal data.

7.3. The transfer of personal data to government authorities is carried out within the scope of their powers in accordance with applicable law.

8. Storage of personal data

8.1. Personal data are stored exclusively on electronic media (servers) and processed using automated systems.

8.2. Upon achieving the purposes of processing personal data, as well as in the event of the personal data subject’s withdrawal of consent for their processing, personal data shall be destroyed if:

  • Otherwise not provided by the contract, where the personal data subject is a party, beneficiary, or guarantor;
  • The Operator is not entitled to process personal data without the consent of the personal data subject based on grounds provided by the Personal Data Law or other federal laws;
  • Otherwise not provided by another agreement between the Operator and the personal data subject.

The destruction of personal data of the subject is formalised by the corresponding act on the termination of the processing of personal data.

9. Access to client personal data

9.1. Persons authorised by the Operator in accordance with the requirements of the legislation have the right to access the personal data of Users.

9.2. The personal data subject’s access to their personal data is provided upon personal contact or upon receipt of a written request. The Operator is obliged to inform the personal data subject of the availability of personal data about them and provide the opportunity to familiarise themselves with them within ten working days from the date of the request.

10. Protection of user personal data

10.1. Information containing the User’s personal data stored on electronic media is subject to protection.

10.2. The Operator is obliged to take necessary organisational and technical measures to protect personal data from unauthorised or accidental access, destruction, modification, blocking, copying, dissemination of personal data, as well as from other unlawful actions during the processing of Users’ personal data.

10.3. Protection of Users’ personal data stored in the Operator’s electronic databases from unauthorised access, distortion, and destruction of information, as well as from other unlawful actions, is ensured by the Operator’s employees.

10.4. Access to electronic databases containing Users’ personal data is protected by:

  • Using antivirus and other software and technical means to protect the perimeter of the internal network, preventing unauthorised access to the Operator’s local network;
  • Differentiating access rights using user accounts.10.5. All electronic applications containing personal data, including personal data information systems, folders, and files containing personal data, are protected by passwords.

10.6. Responses to written requests from authorised state bodies, other organisations, and institutions regarding Users’ personal data are provided only with the written consent of the personal data subjects unless otherwise provided by law. Responses are provided in writing and to the extent that does not disclose an excessive amount of personal data.

11. Liability for disclosure of information containing user personal data

11.1. An Operator who violates the norms regulating the receipt, processing, and protection of personal data bears administrative, civil, or criminal liability in accordance with federal laws.