En
En
Ru

3.2. The processing of counterparties' personal data is carried out using a mixed method, with or without the use of automated tools. The following actions are used to process the personal data of this category of data subjects: collection, recording, systematization, accumulation, storage, clarification (updating, modification), retrieval, use, transfer (provision, access), blocking, deletion, and destruction of personal data.
3.3. The processing of counterparties' personal data is carried out to comply with the requirements of the tax and civil legislation of the Russian Federation, as well as within the framework of the execution of an agreement to which the Counterparty is a party or beneficiary.
3.4. The storage and processing of Counterparty personal data is carried out for three years.
Destruction of electronic media is carried out by mechanically disrupting their integrity, preventing the reading and restoration of personal data, or by deleting them from electronic media using methods and means that guarantee the removal of residual information. 
Personal data of counterparties contained on tangible carriers are destroyed by shredding paper documents without the possibility of restoring the integrity of the information.

4. Updating, Correcting, Deleting, and Destroying Personal Data; Responses to Requests from Data Subjects for Access to Personal Data
4.1. Each category of data subject has the right to receive information regarding the processing of their personal data, as well as the right to request that the Operator clarify their personal data, block it, or destroy it if the personal data is incomplete, outdated, inaccurate, illegally obtained, or is not necessary for the stated processing purpose.
A request for information regarding the processing of personal data must comply with the requirements of Part 3 of Article 14 of Federal Law No. 152-FZ of July 27, 2006, "On Personal Data" (hereinafter referred to as the Personal Data Law).
4.2. A data subject has the right to revoke their consent to the processing of their data to the Operator.
4.3. A personal data subject may send their request (demand, including the revocation of consent to the processing of personal data) to the Operator by email to the following address: info@theninth.ru.
4.4. Requests that, in accordance with the requirements of Russian Federation legislation, require the personal signature of the personal data subject, as well as requests sent to the Operator electronically, must be signed with a qualified electronic signature.
4.5. Personal data will be stored in a form that allows identification of the personal data subject for no longer than is required for the purposes of processing the personal data, except in cases where the storage period for personal data is not established by federal law or this personal data processing policy.
5. Basic Rights and Obligations of the Operator
5.1. The Operator has the right to:
− independently determine the composition and list of measures necessary and sufficient to ensure the fulfillment of obligations stipulated by Russian Federation legislation in the field of personal data and regulatory legal acts adopted in accordance therewith, unless otherwise provided by the Personal Data Law or other federal laws;
− entrust the processing of personal data to another person with the consent of the personal data subject, unless otherwise provided by federal law, on the basis of an agreement concluded with that person. The person processing personal data on behalf of the Operator is obliged to comply with the principles and rules for processing personal data stipulated by the Personal Data Law;
− If the personal data subject revokes consent to the processing of personal data, the Operator has the right to continue processing the personal data without the consent of the personal data subject, provided there are grounds established by the legislation of the Russian Federation.
5.2.  The Operator is obliged to:
− organize the processing of personal data in accordance with the requirements of the Personal Data Law;
− respond to requests and inquiries from personal data subjects and their legal representatives, as well as from Russian government agencies, in accordance with the requirements and deadlines established by Russian legislation;
− communicate the necessary information to the authorized body for the protection of the rights of personal data subjects (the Federal Service for Supervision of Communications, Information Technology, and Mass Media (Roskomnadzor)) upon request of that body, within the deadlines established by Russian legislation.

6. Basic Rights and Obligations of the Personal Data Subject
6.1.  The personal data subject has the right to:
− receive information regarding the processing of their personal data, except in cases stipulated by federal laws. The Operator shall provide the personal data subject with such information in an accessible form and shall not contain personal data relating to other personal data subjects, except in cases where there are legal grounds for disclosing such personal data. The list of information and the procedure for obtaining it are established by the Law on Personal Data.
− request that the Operator clarify their personal data, block it, or destroy it if the personal data is incomplete, outdated, inaccurate, illegally obtained, or is not necessary for the stated purpose of processing, and also take measures provided by law to protect their rights;
− appeal to Roskomnadzor or in court against the Operator's unlawful actions or inaction when processing their personal data.
6.2.  The personal data subject undertakes to:
− provide accurate and up-to-date personal data; 
− notify of any changes to their personal data.

7. Personal Data Security Measures
7.1. The Operator shall take necessary and sufficient organizational and technical measures to protect the personal data of data subjects from unauthorized or accidental access, destruction, modification, blocking, copying, and distribution.
7.2. The security of personal data processed by the Operator shall be ensured, in particular, by the following measures:
− appointing persons responsible for organizing the processing of personal data and for ensuring the security of personal data, assigning functions, responsibilities, and authorities;
− familiarizing the Operator's employees with legal requirements and organizational and administrative documents regarding the processing and protection of personal data;
− identifying threats to the security of personal data when processed in the ISPDN;
− applying organizational and technical measures to ensure the security of personal data when processed in the ISPDN, necessary to meet personal data protection requirements, the implementation of which ensures the levels of personal data protection established by the legislation of the Russian Federation;
− detecting instances of unauthorized access to personal data and taking measures, including measures to detect, prevent, and mitigate the consequences of computer attacks on the Personal Data Information System (PDIS) and responding to computer incidents therein;
− establishing rules for accessing personal data processed in the Personal Data Information System (PDIS), as well as ensuring the registration and accounting of all actions performed with personal data in the PDIS;
− monitoring the measures taken to ensure the security of personal data and the level of protection of the Personal Data Information System (PDIS);
− other necessary organizational and technical measures established by regulatory acts on personal data protection.
7.3. The Operator's databases are located in the Russian Federation.

8. Final Provisions
8.1. Issues not regulated by this Policy shall be resolved in accordance with the legislation of the Russian Federation.
8.2. This Policy shall be reviewed at least once every three (3) years or as necessary, should changes occur in the Operator's internal regulations or applicable legislation.
8.3. Amendments and additions to this Policy shall be made in accordance with the Operator's established procedures.
8.4. This policy regarding the processing of personal data by THE NINTH LLC is drafted in Russian and English. In the event of any discrepancies between the Russian and English translations, the Russian version shall prevail.
Appendix No. 1

Terms, Definitions, and Abbreviations
Terms, definitions, and abbreviations used in this Policy regarding the processing of personal data by THE NINTH LLC (hereinafter referred to as the Company) (hereinafter referred to as the Policy):
Personal data – any information relating directly or indirectly to an identified or identifiable individual (the personal data subject).
Personal data operator (hereinafter referred to as the Operator) – THE NINTH LLC, which, independently or jointly with other entities, organizes and/or carries out the processing of personal data, and determines the purposes of personal data processing, the scope of personal data to be processed, and the actions (operations) performed with personal data.
Processing of personal data is any action (operation) or set of actions (operations) with personal data, performed with or without the use of automation tools, including collection, recording, systematization, accumulation, storage, clarification (updating, modification), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction of personal data.
A personal data subject is an individual who is directly or indirectly identified or identifiable using personal data.
A website visitor is an individual who has visited the website within a certain period of time and is using the website in browsing mode.
A counterparty is an individual, sole proprietor, or representative of a counterparty representing the interests of a legal entity with which the Operator intends to enter into or is in civil law relations.
Automated processing of personal data is the processing of personal data using computer technology.
Dissemination of personal data is actions aimed at disclosing personal data to an indefinite number of persons.
Provision of personal data is actions aimed at disclosing personal data to a specific person or a specific number of persons.
Blocking of personal data is the temporary cessation of processing of personal data (except in cases where processing is necessary to clarify the personal data).
Destruction of personal data is an action that makes it impossible to restore the contents of personal data in a personal data information system and/or that destroys tangible media containing personal data.
Anonymization of personal data is an action that makes it impossible to determine the attribution of personal data to a specific data subject without the use of additional information.
Personal data information system (PDIS) is the collection of personal data contained in databases and the information technologies and technical means that support its processing.
Cross-border transfer of personal data is the transfer of PD to a foreign government agency, a foreign individual, or a foreign legal entity.
Website is an internet resource, including domains of all levels, accessible from various user devices connected to the internet, allowing the Visitor to view and search for information, as well as perform other actions provided for by the Website's functionality.

Process Name
Data Volume
Counterparty verification as part of due diligence, eliminating relationships with unreliable counterparties, avoiding claims from regulatory authorities, and minimizing tax and financial risks
Legal Entity Representatives:
Surname, First Name, Patronymic; Date of Birth; Nationality; Taxpayer Identification Number (TIN) (if any); Identity Document Details; Migration Card Details; Document Details confirming the right of a foreign citizen or stateless person to stay (reside) in the Russian Federation; Address of Registration and Actual Residence Address; Details of Authorization Documents (for the Director and Chief Accountant); Information on the circumstances that justify recognizing this individual as the beneficial owner (for beneficiaries).

Sole proprietors and individuals:
Last name, First name, Patronymic; Date of birth; Place of birth; Nationality; Taxpayer Identification Number (TIN) (if any); Identity document details; Migration card details; Document details confirming the right of a foreign citizen or stateless person to stay (reside) in the Russian Federation; Address of place of registration and actual address of residence; Contact information (phone number; email address; postal address; fax number); OGRNIP, place and date of state registration (for sole proprietors); Information on the status of trustee (manager) of a foreign structure without forming a legal entity, protector; Information on the basis for actions for the benefit of another person.

For all counterparties:
Information on the availability of a license, if carrying out licensed activities.
Contract Conclusion
Information for sole proprietors and individuals:
Last name, first name, patronymic, identity document details, registered address, Taxpayer Identification Number (INN), Primary State Registration Number (OGRNIP), pension certificate number, bank details, contact information (phone number, email address).

For legal entities:
Information from the document confirming the authority of the person signing the contract.
Communication under the contract
Last name, first name, patronymic (if any); job title, department (if any); contact information (phone number, email address)
Process Name
Data Volume
Counterparty verification as part of due diligence, eliminating relationships with unreliable counterparties, avoiding claims from regulatory authorities, and minimizing tax and financial risks
Legal Entity Representatives:
Surname, First Name, Patronymic; Date of Birth; Nationality; Taxpayer Identification Number (TIN) (if any); Identity Document Details; Migration Card Details; Document Details confirming the right of a foreign citizen or stateless person to stay (reside) in the Russian Federation; Address of Registration and Actual Residence Address; Details of Authorization Documents (for the Director and Chief Accountant); Information on the circumstances that justify recognizing this individual as the beneficial owner (for beneficiaries).

Sole proprietors and individuals:
Last name, First name, Patronymic; Date of birth; Place of birth; Nationality; Taxpayer Identification Number (TIN) (if any); Identity document details; Migration card details; Document details confirming the right of a foreign citizen or stateless person to stay (reside) in the Russian Federation; Address of place of registration and actual address of residence; Contact information (phone number; email address; postal address; fax number); OGRNIP, place and date of state registration (for sole proprietors); Information on the status of trustee (manager) of a foreign structure without forming a legal entity, protector; Information on the basis for actions for the benefit of another person.

For all counterparties:
Information on the availability of a license, if carrying out licensed activities.
Contract Conclusion
Information for sole proprietors and individuals:
Last name, first name, patronymic, identity document details, registered address, Taxpayer Identification Number (INN), Primary State Registration Number (OGRNIP), pension certificate number, bank details, contact information (phone number, email address).

For legal entities:
Information from the document confirming the authority of the person signing the contract.
Communication under the contract
Last name, first name, patronymic (if any); job title, department (if any); contact information (phone number, email address)

POLICY
regarding the processing of personal data by THE NINTH LLC

1. General Provisions
1.1. Purpose of the Policy
1.1.1.  This Policy regarding the processing of personal data by THE NINTH LLC (hereinafter referred to as the Policy) defines the purposes and general principles of processing the personal data of data subjects, as well as the measures implemented to protect personal data during their use of the Operator's Website.
1.1.2. This Policy is a publicly available document of THE NINTH LLC (hereinafter referred to as the Operator) and is available for review by third parties.
1.2. The Operator, as part of its activities, carries out cross-border processing of personal data, but does not process special or biometric categories of personal data.

2. Processing of Personal Data of Website Visitors
2.1. For the purpose of processing applications and subsequent support of real estate transactions, the Operator processes other categories of personal data of Visitors, including: last name, first name, patronymic, contact information (subscriber number, email address).
2.2. For the purpose of sending advertising and informational newsletters to Visitors, the Operator processes other categories of personal data: telephone number; email address.
2.3. For analytical and statistical research conducted to improve the functionality of the Website and the user experience when interacting with the Website, the Operator processes other categories of personal data of Website Visitors, including: cookies, location information, website activity information, equipment information, and session date and time.
2.4.  The Operator processes other categories of personal data of Visitors and Visitors to the Website, as specified in paragraphs 2.1-2.3 of this Policy, using automated tools and/or without the use of such tools.
Personal data is processed for the purposes specified in paragraphs 2.1-2.3 of this Policy using the following methods: collection, recording, systematization, accumulation, storage, clarification (updating, modification), retrieval, use, transfer (provision, access), depersonalization, blocking, deletion, and destruction of personal data.
2.5. The Operator processes Visitors' personal data based on:
− the requirements of Russian Federation legislation;
− consent to personal data processing.
As part of the processing of personal data for the purposes set out in paragraphs 2.1-2.3 of this Policy, the Operator may transfer (provision, access) the personal data of data subjects to third parties.
The Operator transfers personal data based on consent to the processing of personal data, specifying the list of third parties (names and addresses), the scope of data transferred, and the purposes for which these parties are engaged in the processing of personal data, except in cases where the transfer of personal data is not required by Russian Federation legislation.
2.7. The Operator will store and process personal data for three years unless the Visitor revokes their consent to the processing of personal data.
2.8. Personal data on electronic media is destroyed by mechanically compromising its integrity, preventing the personal data from being read and restored, or by deleting it from electronic media using methods and means that guarantee the removal of residual information.
Paper information carriers containing personal data are destroyed by shredding the documents without the possibility of restoring the integrity of the information.

3. Procedure and Conditions for Processing Personal Data of Counterparties
and/or Their Representatives
3.1. The Operator processes other categories of personal data of counterparties and/or their representatives for the purpose of facilitating and implementing interactions with third parties regarding the conclusion of contracts and/or the fulfillment of contractual obligations within the framework of civil law relations:

the ninth
A boutique advisory connecting investors and property owners
Dubai-focused. Globally connected.
For property owners→
Advisory and introduction services only.
Transactions are executed by licensed real estate partners in Dubai.
All inquiries are treated confidentially.
© the ninth — All rights reserved.
Using the site means agreeing to the User Agreement and Personal Data Processing Policy