Privacy Policy
1. General Provisions
1.1. This Privacy Policy (Personal Data Processing) (hereinafter referred to as the Policy) defines the procedure for processing personal data at the International Bar Association “Law Firm Levant & Partners” of Moscow (hereinafter referred to as the Operator), establishes principles and rules for protecting Users’ personal data and ensures compliance with rights when processing their personal data.
1.2. The Policy was developed by the Operator in accordance with Federal Law No. 152-FZ of July 27, 2006 “On Personal Data” (hereinafter referred to as the Personal Data Law), the Civil Code of the Russian Federation (Articles 19, 21, 152.1, 152.2), the Constitution of the Russian Federation (Article 30) and other regulatory legal acts in the field of personal data, local acts of the Operator.
1.3. The current version of the Policy is a public document and is available to any Internet user. The Operator publishes a link to the Policy on the Operator’s official website. The Policy is also provided to any person who contacts the Operator in person.
1.4. The link to the Policy is posted on the Operator’s official website at: www.levantlegal.com.
1.5. The Operator has the right to make changes to the Policy without prior notice to the User by posting a new version of the Policy on the Operator’s website at: www.levantlegal.com.
2. Terms and Definitions
2.1. Operator – International Bar Association “Law Firm Levant & Partners” of Moscow, TIN: 7710480322, OGRN: 1127799026002, legal and postal address: 123022, Moscow, Zvenigorodskoye Highway, 9/27, building 1, floor 3, office 316, independently or jointly with other persons organizing and (or) carrying out personal data processing, as well as determining the purposes of personal data processing, the composition of personal data to be processed, actions (operations) performed with personal data.
2.2. User – an individual visiting (using) the Operator’s official website in accordance with the User Agreement.
2.3. Personal data – any information relating directly or indirectly to a specific or identifiable User.
2.4. Personal data processing – any action (operation) or set of actions (operations) performed using automation tools or without using such tools with personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, modification), extraction, use, transfer (provision, access), depersonalization, blocking, deletion, destruction of personal data.
2.5. Provision of personal data – actions aimed at disclosing personal data to a specific person or a specific circle of persons.
2.6. Destruction of personal data – any actions as a result of which personal data is permanently destroyed with the impossibility of further restoration of the content of personal data in the personal data information system and/or material carriers of personal data are destroyed.
3. User Consent to Personal Data Processing
3.1. The User provides personal data, and the Operator carries out their further processing based on consent, except for cases provided by law.
3.2. The User freely, of his own will and in his own interest makes a decision to provide the Operator with his personal data. Consent may be provided both personally and through a representative.
3.3. By sending messages, applications, other communications using the means and forms of communication on the Site, the User expresses his consent to the terms of the Policy. In case of the User’s disagreement with the terms of the Policy, the use of the site and its services must be immediately stopped. The User bears responsibility for this.
4. Basic User Rights
4.1. Right to access: The User has the right to request any information about his personal data according to section 7 of the Policy.
4.2. Right to withdraw consent: The User may at any time withdraw consent to the processing of his personal data by written notification to the Operator.
4.3. Right to clarification: The User has the right to clarify, supplement, change, correct data that the Operator stores.
4.4. Right to deletion: The User may request deletion of data about him.
4.5. The User has other rights provided by the Personal Data Law.
5. Data Processing Purposes
5.1. The Operator processes Users’ personal data in accordance with the principles enshrined in Article 5 of the Personal Data Law.
5.2. Personal data processing by the Operator is carried out for the following purposes:
5.2.1. For communication with the User regarding the provision of legal assistance;
5.2.2. For concluding and executing agreements on the provision of legal assistance to which the User is a party;
5.2.3. For other purposes, personal data processing is carried out based on the User’s consent, provided that consent is obtained for specific purposes of personal data processing.
5.3. Communications between Users and the Operator in the process of providing legal assistance are carried out via cellular communication, using messengers (Telegram, WhatsApp), SMS and email info@levantlegal.com.
6. Types and List of Data for Which Consent is Given
6.1. The Operator processes only User data that is necessary to achieve the purposes of their processing.
6.2. The Operator collects the following personal data to implement each data processing purpose:
6.2.1. surname, first name, patronymic;
6.2.2. passport data (number, series, issued by whom, date of issue, division code);
6.2.3. registration address;
6.2.4. country, city of residence;
6.2.5. mobile phone number;
6.2.6. email address;
6.3. Special categories of personal data are not collected.
6.4. Automatically saved data (including cookie file data) is not collected.
6.5. The User independently determines the method of transmitting personal data to the Operator for the purpose of providing legal assistance. The Operator is not responsible for the operation of third-party resources and their processing of personal data through which Users transmit data to the Operator, including through messengers. Third-party services independently determine policies regarding the processing of personal data of their users.
6.6. The Operator does not process data of persons under 18 years of age and asks such persons not to provide their data.
7. Data Actions
7.1. The Operator collects User data in the following ways:
7.1.1. The User communicates his data by phone to the Operator or in SMS;
7.1.2. The User sends his data to the Operator by email or using messengers.
7.2. When processing Users’ personal data, the Operator stores data on the territory of the Russian Federation.
7.3. User data is subject to destruction or depersonalization if:
7.3.1. The purpose of personal data processing has been achieved;
7.3.2. There is a security threat to the data or the impossibility of ensuring lawful data processing;
7.3.3. The need to achieve processing purposes has been lost;
7.3.4. The User has withdrawn his consent to data processing;
7.3.5. The User has provided information that personal data was obtained illegally or is not necessary for the stated purpose of processing;
7.3.6. Liquidation or reorganization of the Operator.
7.4. User personal data is destroyed on the following grounds:
7.4.1. If the User has withdrawn his consent and/or demanded to stop processing personal data. In this case, the destruction of personal data occurs at the written request of the User. The request must contain identification data that directly indicates that the information belongs to this User.
7.4.2. The goals for which the User’s personal data were collected have been achieved (obligations under the Agreement on the provision of legal assistance between the Lawyer and the Principal have been fulfilled).
7.5. The Operator is required to draw up a corresponding act of destruction of personal data when the grounds specified in clause 7.4 of the Policy arise, which confirms the fact of destruction of personal data of a specific User.
7.6. The User may inform the Operator of the need to clarify, update or change his personal data.
7.7. The User may demand that the Operator block or destroy his personal data if it is incomplete, outdated, inaccurate, illegally obtained or not necessary for the stated purpose of processing.
7.8. The Operator does not transfer Users’ personal data or provide access to them to third parties, except in cases specifically provided by law.
7.9. The Operator does not distribute Users’ personal data (provide personal data to an indefinite circle of persons).
7.10. The Operator does not carry out cross-border transfer of personal data.
7.11. Provision of Users’ personal data upon request of state bodies (local government bodies) is carried out in the manner prescribed by law.
8. Information Provided to the User Upon Request
8.1. The User has the right to contact the Operator with a request to obtain the following information, which the Operator undertakes to provide:
8.1.1. Confirmation of the fact of data processing;
8.1.2. Legal grounds for data processing;
8.1.3. Purposes and methods of data processing used by the Operator;
8.1.4. List of data that relates to the User, source of their receipt (if another procedure for presentation is not provided by law);
8.1.5. Terms of data processing, including terms of their storage;
8.1.6. Procedure for the User to exercise the rights provided by the Personal Data Law;
8.1.7. Name and location of the Operator, information about persons (except Operator employees) who have access to data or to whom they may be disclosed based on an agreement with the Operator or law;
8.1.8. Name or full name and address of the person processing personal data on behalf of the Operator, if processing is entrusted or will be entrusted to such person;
8.1.9. Information about measures that the Operator applies to comply with the Personal Data Law;
8.1.10. Other information that may relate to the User and his personal data.
8.2. The Operator’s refusal to provide information upon the User’s request must be justified.
8.3. The User’s right to access his personal data may be limited in accordance with the Personal Data Law.
9. Appeal Against Actions or Inaction of the Operator
9.1. The User may appeal the actions/inaction of the Operator that violate legislation or the Policy to Roskomnadzor or to court. Persons guilty of violations are brought to responsibility in accordance with current legislation.
10. Data Processing Terms
10.1. The Operator processes, including stores, the User’s personal data until the purposes established in section 5 of the Policy are achieved, unless another term has been established by law or agreement between the Operator and the User.
10.2. In case of detection of signs of illegal processing of Users’ data, the Operator immediately blocks the processing of such data and takes all measures to eliminate violations of legislation committed during personal data processing, to clarify, block and delete Users’ personal data within the timeframes provided by Article 21 of the Personal Data Protection Law.
11. Data Protection Measures
11.1. Data protection is necessary to prevent unlawful or accidental access to personal data, prevent their destruction, modification, blocking, copying, provision, distribution and commission of other unlawful actions with respect to Users’ data.
11.2. Data protection is ensured by the Operator through the implementation of legal, organizational and technical measures necessary and sufficient to comply with the provisions of legislation.
11.3. Legal measures include, in particular:
11.3.1. development of local acts of the Operator on personal data processing issues, establishing procedures aimed at preventing violations (such acts also include the Policy);
11.3.2. identification of threats to personal data security during their processing in the Operator’s information systems;
11.3.3. establishment of rules for access to personal data;
11.3.4. refusal of any methods of personal data processing that do not correspond to the purposes predetermined by the Operator.
11.4. Organizational measures include, in particular:
11.4.1. appointment of a person responsible for organizing personal data processing;
11.4.2. internal control (audit) of compliance with personal data processing, implementation of personal data security measures with the Personal Data Law, Policy, local acts of the Operator and other mandatory provisions established by law;
11.4.3. determination of storage locations and accounting of material carriers of personal data;
11.4.4. introduction of a security regime for premises in which personal data processing is carried out, including by software and hardware means.
12. Final Provisions
12.1. This Policy comes into force from the moment of approval and operates indefinitely (until revoked or replaced by a new version of the Policy).
12.2. On all issues related to the Policy, the User may send a request to the Operator in writing to the address specified in clause 2.1 of the Policy, or in electronic form to the email: info@levantlegal.com
12.3. The request should indicate:
12.3.1. User data: surname, first name, patronymic, registration address;
12.3.2. Passport data: number and series, issued by whom, date of issue, division code;
12.3.3. Confirmation of data transmission to the Operator (for example, email address from which data was sent, etc.);
12.3.4. User signature.
12.4. The Operator will respond to the User’s request within 10 (ten) working days from the date of receipt of the request in the same form as the request was sent, unless the request specifies another form of receiving a response (by email/in paper form). The response period may be extended by the Operator by 5 working days, about which the Operator informs the User indicating the reason for such extension.
Last updated: October 9, 2025
This Policy comes into force from the moment of posting on the Site and operates until its revocation or replacement with a new version.