This Personal Data Processing Policy has been drafted in compliance with the requirements of Federal Law No. 152-FZ dated July 27, 2006 "On Personal Data" (hereinafter referred to as the "Personal Data Law") and establishes the procedure for processing personal data as well as security measures implemented by ALPHADENT LLC (hereinafter referred to as the "Operator").

1.1. The Operator considers the protection of human and civil rights and freedoms during personal data processing, including the right to privacy, personal and family confidentiality, as its highest priority and fundamental operating condition.
1.2. This Operator's Policy regarding personal data processing (hereinafter referred to as the "Policy") applies to all information that the Operator may obtain about visitors to the website https://g-white.ru.

2.1. Automated Processing of Personal Data – processing of personal data using computer technology.
2.2. Blocking of Personal Data – temporary suspension of personal data processing (except where processing is required to clarify personal data).
2.3. Website – a collection of graphical and informational materials, as well as computer programs and databases that ensure their availability on the Internet at the web address https://g-white.ru.
2.4. Personal Data Information System – a set of personal data contained in databases and the information technologies and technical means enabling their processing.
2.5. Depersonalization of Personal Data – actions that make it impossible to determine, without additional information, the attribution of personal data to a specific User or other personal data subject.
2.6. Processing of Personal Data – any action (operation) or set of actions (operations) performed with personal data, whether or not by automated means, including:

• Collection, recording, systematization, accumulation, storage
• Clarification (updating, modification)
• Retrieval, use, transfer (distribution, provision, access)
• Depersonalization, blocking, deletion, destruction

2.7. Operator – a state body, municipal authority, legal entity, or individual that independently or jointly with others organizes and/or carries out the processing of personal data, as well as determines the:

• Purposes of processing
• Scope of personal data to be processed
• Actions (operations) performed with personal data

2.8. Personal Data – any information relating, directly or indirectly, to an identified or identifiable User of the website https://g-white.ru.
2.9. Personal Data Authorized for Dissemination – personal data to which an unlimited number of persons have been granted access by the personal data subject through consent to processing, as permitted under the Personal Data Law (hereinafter referred to as "Personal Data Authorized for Dissemination").
2.10. User – any visitor to the website https://g-white.ru.
2.11. Provision of Personal Data – actions aimed at disclosing personal data to a specific person or group of persons.
2.12. Dissemination of Personal Data – any actions aimed at disclosing personal data to an indefinite number of persons (transfer of personal data) or making personal data available to the general public, including:

• Publication in mass media
• Placement in information and telecommunication networks
• Granting access by any other means

2.13. Cross-Border Transfer of Personal Data – transfer of personal data to the territory of a foreign state, to a foreign government authority, foreign individual, or foreign legal entity.
2.14. Destruction of Personal Data – any actions resulting in the irreversible destruction of personal data, with no possibility of further recovery of the content:

• In the Personal Data Information System
• Or on physical storage media

4.1. Personal data subjects have the right to:

• Request information about the processing of their personal data, except in cases restricted by federal laws. The Operator must provide this information in an accessible format, excluding personal data of other subjects unless legally permitted. The scope and procedure for obtaining such information are defined by the Personal Data Law.
• Demand that the Operator rectify, block, or destroy their personal data if it is:
• Incomplete, outdated, or inaccurate
• Illegally obtained
• Unnecessary for the stated processing purposes and take legal measures to protect their rights.
• Require prior consent for processing personal data for marketing purposes (promotion of goods, services, etc.).
• Withdraw consent to personal data processing and submit a request to terminate processing.
• File complaints with the authorized data protection authority (Roskomnadzor) or in court regarding the Operator’s unlawful actions/inaction.
• Exercise other rights granted by Russian legislation.

4.2. Personal data subjects must:

• Provide the Operator with accurate information about themselves.
• Notify the Operator of updates/changes to their personal data.

4.3. Liability for false information:
Individuals who provide the Operator with:

• False information about themselves, or
• Data about another person without consent, will be held liable under Russian law.

5.1. Personal data shall be processed lawfully and fairly.
5.2. Personal data processing shall be limited to achieving specific, predetermined and lawful purposes. Processing of personal data incompatible with the purposes of collection is prohibited.
5.3. Merging of databases containing personal data processed for incompatible purposes is prohibited.
5.4. Only personal data that is relevant to the processing purposes shall be processed.
5.5. The content and scope of processed personal data shall correspond to the stated processing purposes. Processing of excessive personal data in relation to the stated purposes is prohibited.
5.6. Processing of personal data shall ensure their accuracy, sufficiency and, where necessary, relevance to the processing purposes. The Operator shall take necessary measures to delete or rectify incomplete or inaccurate data.
5.7. Personal data shall be stored in a form that allows identification of data subjects no longer than required by the processing purposes, unless the storage period is established by federal law or an agreement where the data subject is a party, beneficiary or guarantor. Processed personal data shall be destroyed or anonymized upon achievement of the processing purposes or when such purposes are no longer relevant, unless otherwise provided by federal law.

Processing purpose: To contact the User via telephone communications
Personal data processed: Last name, first name, patronymic (as provided by the User), Mobile phone number, City, Company name
Legal basis: Federal Law No. 149-FZ "On Information, Information Technologies and Information Protection" dated July 27, 2006
Processing activities: Collection, recording, systematization, accumulation, storage, destruction, and anonymization of personal data

7.1. Personal data is processed with the consent of the personal data subject.
7.2. Processing is necessary to:

• Fulfill objectives established by international treaties of the Russian Federation or federal laws.
• Perform functions, powers, or duties imposed on the Operator by Russian law.

7.3. Processing is required for:

• Administration of justice.
• Enforcement of court rulings, decisions of government bodies, or other legally binding acts under Russian law.

7.4. Processing is necessary to:

• Execute a contract where the data subject is a party, beneficiary, or guarantor.
• Conclude a contract initiated by the data subject or where they will be a beneficiary/guarantor.

7.5. Processing is permitted to protect the Operator’s or third parties’ legitimate interests, or for socially important purposes, provided it does not violate the data subject’s rights and freedoms.
7.6. Processing applies to publicly available personal data (i.e., data intentionally made accessible by the subject or at their request).
7.7. Processing applies to data subject to mandatory disclosure or publication under Russian law.

The security of personal data processed by the Operator is ensured through legal, organizational, and technical measures necessary to fully comply with the requirements of applicable data protection laws.

8.1. The Operator ensures the integrity of personal data and implements all possible measures to prevent unauthorized access.
8.2. The User’s personal data will never be disclosed to third parties, except:

• When required by law.
• If the User has explicitly consented to the transfer for fulfilling obligations under a civil contract.

8.3. If inaccuracies are identified, the User may update their data independently by emailing the Operator at info@g-white.ru with the subject line “Personal Data Update.”
8.4. The processing period lasts until the purposes of collection are achieved, unless otherwise specified by contract or law.
The User may withdraw consent at any time by emailing info@g-white.ru with the subject line “Withdrawal of Consent to Personal Data Processing.”
8.5. Data collected by third-party services (e.g., payment systems, communication tools) is stored and processed by those providers under their own Terms of Service and Privacy Policies. The Operator is not liable for the actions of such third parties.
8.6. Restrictions imposed by the User on data transfer or processing (except for access) do not apply if processing is performed:

• In state, public, or other societal interests defined by Russian law.

8.7. The Operator guarantees confidentiality during processing.
8.8. Personal data is stored only as long as necessary to fulfill processing purposes, unless a longer period is required by law or contract.
8.9. Processing ceases when:

• The purpose is achieved.
• The User’s consent expires or is withdrawn.
• A lawful request to terminate processing is received.
• Unlawful processing is identified.

9.1. The Operator performs the following operations with personal data:

• Collection, recording, systematization, accumulation, storage
• Updating/modification
• Retrieval, utilization
• Transfer (distribution, provision, access)
• Depersonalization
• Blocking
• Deletion
• Destruction
• 9.2. The Operator conducts automated processing of personal data with or without subsequent transmission via information and telecommunications networks.

10.1. Prior to initiating cross-border data transfers:
The Operator must notify the authorized data protection authority (Roskomnadzor) about intended cross-border transfers. This notification must be separate from general data processing notifications.
10.2. Pre-transfer requirements:
The Operator must obtain necessary information from:

• Foreign government bodies
• Foreign individuals/legal entities
• who are intended recipients of the data.

12.1. User inquiries:
Users may request clarifications regarding their personal data processing by emailing info@g-white.ru.
12.2. Policy updates:
This document will reflect all changes to the Operator's personal data processing policy. The policy remains effective indefinitely until replaced by a new version.
12.3. Current version:
The up-to-date Policy is publicly available at: g-white.ru/policy