Invalid last name format
You should enter the value
Invalid first name format
You should enter the value
Invalid email address format
You should enter the value
Invalid phone number format
You should enter the value
Invalid value
You should enter the value
Choose from the menu
Invalid date
You should enter the value
The Independent Consultant is not found. Please edit or clear the phone number.
You should enter the value
* The recommended fields.
I agree to receive notifications about promotions and special offers.
I agree to participate in the studies of consumer preferences, attitudes, and motivations conducted by Faberlic.
I agree to processing of the personal data to complete orders in the Faberlic Online Store. * "JSC Faberlic Privacy Policy"
By clicking "Register," I agree to the terms of the Public Offer.

JSC Faberlic Policy on personal data processing and information on implemented requirements for personal data protection

Business-digital


1. General Provisions

1.1. This Policy (hereinafter referred to as the Policy) lays out the general principles and procedures for processing personal data, as well as measures to ensure security of said data, within the Joint Stock Company "Faberlic" (hereinafter referred to as the Company).

1.2. The Policy has been developed in accordance with the provisions of Federal law 152-FZ of 27.07.2006 "On personal data", and other legislative and normative legal acts that govern the procedures surrounding the use of personal data and requirements to ensure their safety.

1.3. The Policy uses the following terms and definitions:

Automated processing of personal data – the processing of personal data using computer technology
Biometric personal data – data that characterize a person's physiological and biological features, on the basis of which identity can be established and which are used by the operator to establish the identity of the data subject
Personal data blocking – the temporary cessation of personal data processing (except where processing is necessary for rectification of personal data)
Access to personal data – the disclosure of a subject's personal data that are processed by the Company to certain parties (including employees), while maintaining the privacy of this information
Contractor – the counterparty in a contract with the Company, not an employee of the Company
Personal data confidentiality – the responsibility of parties with access to personal data not to disclose said data to third parties and not to distribute personal data without the consent of the data subject, unless otherwise required by law
Depersonalization of personal data – action taken by which it becomes impossible to determine the particular subject of personal data without additional information
Processing of personal data – any action (operation) or a combination of actions (operations) performed both automatically and manually with personal data, including collection, recording, arrangement, accumulation, storage, rectification (updating, changing), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, and destruction of personal data
Public personal data – personal data available to the public, access to which is provided according to legislation or at the subject's request, as well as data that are subject to mandatory disclosure or publication
Operator – state agency, municipal authority, legal entity or individual who independently or in cooperation with other entities organizes and/or processes personal data as well as determines the purposes, scope and subject of data processing and actions (operations) related to personal data (in the Policy, the Operator refers to the Company unless otherwise specified)
Personal data – any information referring directly or indirectly to a particular or identified individual (personal data subject);
Provision of personal data – actions intended to disclose personal data to a certain person or a certain group of persons
Distribution of personal data – actions intended to disclose personal data to the public at large
Personal data subject – the individual to whom the personal data refers
Cross-border transfer of personal data – the transfer of personal data to a foreign territory, foreign government body, foreign individual or foreign legal entity;
Destruction of personal data – actions performed on personal data contained in the database that prevent such data from being restored and/or actions aimed at the physical destruction of the tangible medium of personal data


2. Status of the Company and categories of subjects whose personal data is processed by the Company

2.1. The company acts as operator with respect to personal data of the following categories of individuals:

– Employees of the Company (and, if necessary, close relatives of employees) with whom the Company has entered into or previously entered into employment contracts, including former employees with whom employment contracts were terminated (hereinafter referred to as Employees)
– Applicants for vacancies in the Company (candidates for employment with the Company), who have submitted their resume or a form containing personal data, whether personally or through specialized recruitment organizations (recruitment agencies), including through specialized sites on the Internet (hereinafter referred to as Applicants)
– Employees of contractors hired by the Company for providing necessary access to the Company's Information Systems (hereinafter referred to as Contractor Employees)
– Representatives, whose data is received for the purpose of sales of the Company's products under the contract entered into through acceptance of an offer on the Company's website (hereinafter referred to as Representatives)
– Individual contractors who provide the Company with reimbursable services in accordance with civil contracts (hereinafter referred to as Individual contractors)
– Customers who buy the Company's products (hereinafter referred to as Customers), individuals who make purchases in the Company's online store
– Anonymous visitors to www.faberlic.com who visit the site without logging in, with intent to view the Company's products (hereinafter referred to as Users)
– Representatives of personal data subjects who report to the Company on behalf of personal data subjects (hereinafter referred to as Representatives of Subjects)
– Visitors to the company, in order to allow them access to secure areas of the Company and monitor their departure from the premises (hereinafter referred to as Visitors)

2.2. The Company is an entity that provides personal data to other operators in accordance with the requirements of legislation, which include, without limitation:

– Government authorities and extra-budgetary funds to which tax reports are sent with regard to the Company's employees as a tax agent, and employee funds or funds to be credited to employees ' accounts are transferred (Federal Tax Service inspectorates, offices of the Pension Fund of the Russian Federation, the Federal Mandatory Medical Insurance Fund, the Social Insurance Fund of the Russian Federation, etc.)
– Telecommunications operators which are given information about users of corporate communications services (landline and mobile telephones, Internet access) in accordance with the requirements of legislation
– Military commissioners and trade union bodies to which personal data is provided (transferred) in cases stipulated by law
In addition to the above, personal data is provided (transferred) to government authorities and extra-budgetary funds, telecommunications operators, military commissioners, and trade union bodies by the relevant government authorities and extra-budgetary funds within the limits of their mandates under the law. Special consent of the subjects for such transfer of personal data is not required.


3. Principles of personal data processing

The Company processes personal data according to the following principles:

3.1. Legality and equitable basis of personal data processing. The Company takes all necessary measures to comply with the requirements of the Law and does not process personal data in cases where it is not permitted by law or where it is not required for any specific purpose by the Company, and does not use personal data to harm the subject of such data.

3.2. Personal data processing is limited to specific, predefined, and legitimate purposes. The purposes of the Company's personal data processing are:

With respect to Employees, including former employees (and, if necessary, close relatives of employees) – execution of signed employment contracts, including training and promotion, employees' personal security, quantity and quality control of work performed, the safeguarding of assets, calculation and payment of wages and other remunerations, calculation and deduction of taxes and insurance premiums, provision by the employer of additional services (pension insurance, transfer of income to employee payment cards); and fulfillment of the requirements of state statistical registration authorities; provision of benefits and protection to employees under legislation for individuals with (adopted) children and individuals with family responsibilities; and fulfillment of the requirements of the Labor Code of the Russian Federation on informing relatives of accidents
With respect to Applicants – to select candidates who most closely meet the Company's requirements
With respect to Contractor Employees – signing and execution of contracts with contractors, providing access to necessary information systems of the Company
With respect to Representatives – sales of the Company's products on the basis of a contract entered into through acceptance of an offer on the Company's website Individual contractors
With respect to Individual contractors – signing and execution of civil contracts for the sale of products, and fulfillment of contractual obligations to the Company
With respect to Customers of the Company's internet store to provide the possibility to purchase products
With respect to Users and visitors to www.faberlic.com – to facilitate user navigation of the site, get analytical data about visits, and improve the site's performance
With respect to Representatives of subjects – fulfillment of actions taken by the Company on behalf of the representatives of personal data subjects
With respect to Visitors – allowance of visitors to pass into the protected premises of the Company and monitoring of their exit from the protected premises

3.3. Processing only personal data that correspond to the pre-declared purposes of their processing; compliance of the content and volume of the processed personal data with the stated purposes of processing; prevention of processing personal data that is not compatible with the purposes of personal data collection or unnecessary in relation to the stated purposes of personal data processing. The company does not collect or process personal data that is not required to achieve the goals specified in clause 3.2 of this Policy, and does not use personal data of subjects for any purposes other than those specified.

3.4. Prevention of combining databases containing personal data processed for purposes that are not compatible with each other.

3.5. Ensuring the accuracy, completeness, and relevance of personal data in relation to the purposes of personal data processing. The Company takes all reasonable measures to maintain the relevance of the processed personal data, including (without limitation) exercising the right of each subject to receive their personal data for review and to require the Company to clarify, block, or destroy them if the personal data is incomplete, outdated, inaccurate, illegally obtained, or not necessary for the purposes of processing stated above.

3.6. Storage of personal data in a form that allows identification of the data subject for no longer than required for the purpose of processing the personal data, if the retention period of personal data is not established by legislation, by an agreement where one of the parties is the personal data subject, or the consent of the personal data subject to data processing.

3.7. Destruction or depersonalization of personal data upon fulfillment of the declared purposes of their processing or in the event it is no longer necessary to fulfill these purposes, or it becomes impossible for the Company to prevent violations of the procedure for processing personal data established by law, or withdrawal of the subject's consent to personal data processing, or the end of the period for personal data processing established by the consent to personal data processing, unless otherwise provided for by law or by agreement with the personal data subjects.


4. Conditions of personal data processing

4.1. The company's personal data processing is allowed in the following situations:

4.1.1. With the personal data subject's consent to personal data processing.

4.1.2. Personal data processing that is necessary for implementation and fulfillment of the functions, powers and duties assigned to the Company by law. Such cases include, without limitation, processing of special categories of Employee personal data in order to fulfill purposes stipulated by labor and pension legislation.

4.1.3. To conclude a contract at the initiative of the personal data subject and to execute the contract to which the personal data subject is a party. Such contracts are, without limitation, employment contracts with Employees, civil contracts with Individual Contractors, and contracts for the sale of products with deferred payment with Representatives.

4.1.4. Prior to the conclusion of these contracts, the Company processes personal data at the stage of pre-contractual work with Individual Contractors and Representatives, as well as when conducting recruitment work when the subject's consent to processing is confirmed by the Applicant's own completed form or a form (resume) submitted by them to the Company or to a specialized recruitment organization, or posted by the Applicant, Contractor, or Representative on specialized websites on the Internet, or sent by them to the Company via e-mail.

4.1.5. Processing of personal data is necessary to protect the life, health, or other vital interests of the personal data subject, if it is not possible to obtain the subject's consent.

4.1.6. Processing of personal data by the Company is necessary to exercise the rights and legitimate interests of the Company and/or third parties, including in cases provided for by Federal law 320-FZ "On protection of the rights and legitimate interests of individuals when performing activities to repay overdue debts...", or to achieve socially significant goals, provided that the rights and freedoms of personal data subjects are not violated.

4.1.7. Personal data is processed by the Company for statistical or other research purposes, subject to mandatory depersonalization of personal data.

4.1.8. Processing of personal data to which the personal data subject has provided public access or public access has been provided at the personal data subject's request.

4.1.9. Personal data is subject to publication or mandatory disclosure in accordance with legislation.

4.2. The Company does not disclose or distribute personal data to third parties without the subject's consent, unless otherwise required by law, by contract with the personal data subject, or not specified in the subject's consent to process their personal data.

4.3. The Company does not process personal data in specialized categories related to racial or ethnic origin, political opinions, religious or philosophical beliefs, health status (with the exception of information that is relevant to the question of Employee's performance of job functions and that is necessary for the purposes of certain pension legislation), personal life, or membership in labor unions or union activity, except where expressly required by law.

4.4. The Company may process personal data on criminal records only in cases and in accordance with the procedure established by law.

4.5. When collecting personal data, the Company shall carry out recording, systematization, accumulation, storage, rectification (updating, changing), and extraction of personal data using databases located in the Russian Federation.

4.6. Cross-border personal data processing is carried out with the consent of the personal data subject, and the Company ensures the transfer of personal data using databases located in the Russian Federation.

4.7. The company does not make decisions that give rise to legal consequences for Employees or otherwise affect the rights and legitimate interests of Employees based solely on automated processing of personal data. Data that has legal consequences or affects the rights and legitimate interests of the Employee, such as the amount of accrued income, taxes and other deductions, are subject to verification by an authorized employee of the Company before use.


5. Methods of personal data processing

5.1. The company carries out the processing of personal data both with and without the use of automation.

5.2. The Policy applies in full to the processing of personal data using automation, and when processing personal data without using automation applies only in cases where such processing corresponds to the nature of the actions (operations) performed with the personal data using automation tools, that is, which allow you to search for personal data recorded on a material carrier and contained in card files or other systematic collections of personal data, and/or access to such personal data using a specified algorithm.


6. Confidentiality of personal data

6.1. Employees of the Company who have access to personal data must ensure the confidentiality of said data. Confidentiality is not required with respect to:

– Personal data after its depersonalization;
– Public personal data.

6.2. The Company may, with the consent of the subject, entrust the processing of personal data to another party, unless otherwise required by law, on the basis of a contract related to personal data processing on behalf of the Company entered into with said party, following the principles and rules of personal data processing as required by law. The amount of personal data transferred to another party for personal data processing and the number of processing methods used by said party must be the minimum necessary to fulfill their responsibilities to the Company. The Company's instructions must include a defined list of actions (operations) to be taken with personal data that will be performed by the party carrying out the personal data processing and purposes of the processing; said instructions must define the aforementioned party's responsibility to maintain the confidentiality of personal data and ensure the security of personal data during their processing as well as indicate the requirements for the protection of processed personal data in accordance with article 19 of Federal law 152-FZ of 27.07.2006 "On personal data".

When fulfilling the Company's instructions with regard to personal data processing, the party to whom the processing is entrusted shall be entitled to use their information systems located on the territory of the Russian Federation and conforming to safety measures required by law as instructed by the Company in the agreed-upon personal data processing contract.

6.3. In the event that the Company entrusts the processing of personal data to another party, the Company is responsible to the personal data subject for the actions of the specified party. The party processing personal data on behalf of the Company is liable to the Company.


7. Consent of personal data subject to personal data processing

7.1. The personal data subject makes the decision about providing their personal data to the Company and consents to the processing of their own free will and in their own interest. Consent to personal data processing must be specific, informed and conscious, and may be given by the subject in any form that allows confirmation of the fact of their consent, unless otherwise required by law.

7.2. Representatives and Customers provide their personal data when registering in the system, buying the products, using the services of the information system, or through other interactions on the Company's website.

7.3. The use of the Company's information system services means unconditional agreement to the Policy and the terms and conditions of personal information processing mentioned within. In the event that the user disagrees with these conditions, they must refrain from using the information system services.

7.4. If a Representative of a personal data Subject consents to the processing of personal data, the Company checks that the Representative of the Subject has authority to give consent on behalf of the personal data subject.

7.5. If the Company receives personal data from a Contractor on the basis of an agreement concluded with them, the Contractor is responsible for the legality and reliability of the personal data, as well as for obtaining the consent of the Contractor's Representatives to transfer their personal data to the Company, which is stipulated in the text of the agreement with the Contractor.

7.6. Having received personal data from a Contractor, the Company does not assume any obligation to inform the subjects (their representatives) whose personal data has been transferred to it about the start of personal data processing, since the Contractor that transferred the personal data is responsible for providing appropriate information when entering into an agreement with the personal data subject and/or obtaining consent to such transfer. This obligation of the Contractor is included in the agreement concluded between the Contractor and the Company.

7.7. The express consent of an Employee to the processing of their personal data is not required, since the processing is necessary for the performance of the employment contract to which the Employee who is the personal data subject is a party, except in cases where it is necessary to obtain the Employee's written consent for specific instances of personal data processing. Cases requiring the Employee's written consent include (without limitation):

7.7.1. Obtaining personal data of Employees from third parties, including for the purpose of verifying such personal data, as well as in cases where such data cannot be obtained from the Employee themself.

7.7.2. Transfer of an Employee's personal data to any third party, including the transfer of the Employee's personal data when sending them on business trips or trainings, when booking hotels and tickets, etc.

7.7.3. Providing an Employee's personal data to third parties for commercial purposes, including, but not limited to, banks, opening and providing maintenance of payment cards for payroll and other Employee income, insurance companies engaged in pension insurance at the expense of the Company as an employer, printing enterprises engaged in manufacturing business cards at the expense of the employer, etc.

7.8. Express consent of Relatives of the Company's Employees is not required if their personal data is processed on the basis of Federal laws (for calculating alimony, making social payments, providing benefits and guarantees, etc.), is necessary for informing relatives about accidents, and is performed by the Company as an employer in accordance with the requirements of state statistical accounting bodies. In all other cases, it is necessary to obtain proven (confirmed) consent of Employees' Relatives for the processing of their personal data by the Company.

7.9. An Applicant's express consent to the processing of their personal data is not required, since such processing is necessary for the purpose of concluding an employment contract at the initiative of the Applicant who is the personal data subject, except in cases where it is necessary to obtain the Applicant's written consent for specific cases of personal data processing. If a decision is made not to hire an Applicant, their personal data must be destroyed within 30 days from the date of such decision, unless otherwise stipulated in the agreement with the Applicant or specified in their consent to personal data processing.

7.10. The consent of Individual Contractors to the processing of their personal data is not required, since they are a party in an agreement with the Company.

7.11. Personal data of individuals who have signed agreements with the Company, contained in the unified state registers of legal entities and individual entrepreneurs, are open and publicly available, except for information about the number, date of issue, and the authority that issued the identity document of the individual. Protection of confidentiality and consent of personal data subjects to the processing of this data is not required.
In all other cases, the consent of personal data subjects who are Representatives of Contractors must be obtained, with the exception of individuals who have signed contracts with the Company or provided power of attorney to act for and on behalf of the Company's Contractors, have independently sent personal data by e-mail, thereby committing a conclusive action confirming their consent to the processing of personal data indicated in the text of the agreement (power of attorney) or e-mail. The Contractor may obtain the consent of its representative for transfer of their personal data to the Company and the company's processing of this personal data in the manner described in clause 7.5 of this Policy. In this case, The Company does not need to obtain the subject's consent to the processing of their personal data.

7.12. Consent of Representatives of Subjects to the processing of their personal data is provided in the form of conclusive action by granting power of attorney with authority to act for and on behalf of the personal data subjects, and the identity document of the Representative of the Subject.

7.13. A Visitor's consent to the processing of their personal data is provided in the form of a specific action, namely, the communication of information requested from them when visiting the Company.

7.14. Users of the site give consent to the processing of their personal data received by the Company when using cookies by placing a corresponding mark ("tick") in the checkbox on the site.

7.15. Consent from subjects regarding their provided personal data is not required when the Company receives, within the established powers, motivated requests from the prosecution authorities, law enforcement agencies, investigation and inquiry bodies, security agencies, state labor inspectors exercising state supervision and control over compliance with labor legislation, and other bodies authorized to request information in accordance with the competence provided by law.
A motivated request must include an indication of the purpose of the request, a reference to the legal grounds for the request, including confirming the authority of the agency submitting the request, as well as a list of the requested information.

7.16. If requests are received from organizations that do not have the appropriate authority, the Company must obtain consent from the non-Employee subject to provide their personal data in any form that can be proven, and warn the individuals receiving the personal data that this data can only be used for the purposes for which it was reported, as well as require these individuals to confirm that the specified rule will be (was) observed. The procedure for obtaining Employees' consent to transfer their personal data to other individuals is described in clause 7.7 of this Policy.

7.17. Consent to the processing of personal data with no legal requirement for processing or that is not required for the performance of the agreement with the Company to which the personal data subject is a party may be revoked by the personal data subject. In this case, the Company destroys the personal data relating to the revoked consent, and ensures their destruction by the contractors to whom the data was transferred within 30 days from the date the revocation of the subject's consent to the processing of their personal data is received.

7.18. In all cases, the Company is obligated to provide proof of obtaining the personal data subject's consent to the processing of their personal data or proof of the existence of the grounds specified in Federal law 152-FZ of 27.07.2006 "On personal data".


8. Rights of personal data subjects

8.1. The personal data subject has the right to receive information regarding the processing of their personal data. The personal data subject is entitled to request that the Company rectify, block, or destroy their personal data in the event that the personal data is incomplete, outdated, inaccurate, illegally obtained, or unnecessary for the declared purpose of processing; and also to take legal measures to protect their rights. The personal data subject may make requests in writing, by e-mail to pd@faberlic.com, or via the feedback form on the Company's website.

8.2. The subject's request concerning the Company's processing of their personal data in writing or by e-mail must contain:

- Surname, first name, and patronymic/middle name of the personal data subject or their representative;
- The number of a basic document proving the identity of the personal data subject as well as their representative (if the inquiry is made by a representative), the date the aforementioned document(s) was issued, and the issuing authority (authorities);
- Information that confirms the personal data subject's relationship with the Company (number and date of contract with the Company, a copy (scan or photograph) of written communication or an SMS from the Company, etc.), or information that otherwise confirms personal data processing by the Company;
- The signature of the personal data subject or their representative;

A subject's request submitted through the feedback form on the Company's website does not need to contain the information described above.

8.3. The subject has the right to revoke their consent to the Company's processing of their personal data at any time by written declaration in any form containing basic document information that proves the subject's identity or the personal data that was specified when providing it to the Company, or by sending a request via the feedback form on the Company's website (in this case, identity-proving document information is not required).

8.4. If the personal data subject believes that the Company is processing their personal data in violation of the law, or otherwise violating their rights and liberties, the personal data subject has the right to appeal the Company's actions or inaction to the authorized body on protection of the rights of personal data subjects (Federal Service for Supervision of Communications, Information Technology and Mass Media) or through legal action.

8.5. At the request of the authorized body on protection of the rights of personal data subjects, the Company is obliged to provide the requested information within thirty days from the date of receipt of such request..

8.6. The procedure for interaction with regulatory authorities is regulated by the current legislation of the Russian Federation.


9. Information concerning implemented requirements for personal data protection

9.1. The security of personal data processed by the Company is supported by the implementation of legal, organizational, and technical measures necessary and sufficient to meet the requirements of legislation concerning personal data.

9.2. Legal measures taken by the Company include:

– developing Company by-laws that implement the requirements of legislation, including this Policy and the "Regulations on the organization of personal data processing and protection within JSC Faberlic";
–refusing to use any personal data processing methods that do not fulfill the purposes and legal requirements set out in the Policy.

9.3. Organizational measures taken by the Company include:

– appointing individuals responsible for organizing personal data processing and for ensuring the security of personal data in personal data information systems;
– restricting the number of Company employees who have access to personal data, and organizing a permit system for access to them;
– familiarizing the Company's employees who directly process personal data with the provisions of the legislation on personal data, including requirements for personal data protection, the Company's Policy, and other by-laws on personal data processing;
– training all categories of Company employees directly engaged in processing personal data, on the rules of working with personal data and ensuring the security of the processed data;
– defining the responsibilities for ensuring the security of personal data processing and responsibility for violation of the established procedure in the job descriptions of Company employees;
– regulating the personal data processing procedures;
– organizing an accounting system for material carriers of personal data and their storage, ensuring the prevention of theft, substitution, unauthorized copying and destruction;
– identifying current threats to the security of personal data, and determining the level of security and requirements for the protection of personal data when processing them in information systems that ensure the established levels of personal data security;
– making technical resources for processing personal data available within a secure area;
– restricting access to the Company's premises by unauthorized individuals, prevention of their presence on the premises where personal data is processed and technical resources for processing them are located, without supervision by the Company's employees.

9.4. Technical measures taken by the Company include:

– developing a personal data protection system based on current threats for the levels of personal data protection established by the Government of the Russian Federation during processing in information systems;
– using information security tools that have passed compliance assessment to neutralize current threats;
– assessing the effectiveness of measures taken to ensure the security of personal data;
– implementing an employee permission system for access to personal data processed in information systems, as well as to hardware and software tools for information protection;
– registering and recording the actions taken with personal data by users of information systems where personal data is processed;
– detecting malicious software (using anti-virus programs) on all nodes of the Company's information network with the respective technical capabilities;
– secure inter-network interactions (using inter-network shielding);
– detecting intrusions into the Company's information system that violate or create prerequisites for violating the established requirements for ensuring the security of personal data;
– recovering personal data that was modified or destroyed due to unauthorized access (creating a backup and recovery system for personal data);
– periodically monitoring user actions, and investigating violations of personal data security requirements;
– verifying the implementation of these requirements (independently or with the involvement of legal entities and individual entrepreneurs licensed in technical protection of confidential information, on a contractual basis) at least once every 3 years.


10. Final provisions

10.1. Other responsibilities and rights of the Company as a personal data operator and as a party that processes data on behalf of other operators are regulated by the laws of the Russian Federation in the sphere of personal data.

10.2. Officials and Employees of the Company responsible for the violation of terms regulating personal data processing and protection shall bear material, disciplinary, administrative, civil and criminal liability in accordance with the laws of the Russian Federation.

10.3. The terms of this Policy shall be revised as necessary. Mandatory Policy review shall be conducted in the event of significant changes in international or Russian Federation law in the sphere of personal data.

The following are considered when introducing changes to the terms of the Policy:

– changes in the information infrastructure and/or technologies used by the Company;
– established practice of enforcement of law in the sphere of personal data in the Russian Federation;
– Changes to the conditions and nature of the Company's personal data processing in connection with the introduction of new information systems, processes and technologies into the Company's operation.

Faberlic Online Store Rules (Offer) valid as of 1 September 2021


Basic Definitions

Customer is defined as a person who intends to purchase products, and who places an Order in the Online Store, and to this end provided the Seller with their personal information (surname, first name, patronymic, address, e-mail, phone number, etc.), which can be used to place repeat Orders.

Seller is Joint Stock Company Faberlic. Corporate address: 4 Nikopolskaya st., Moscow 117403, Russia. Primary State Registration Number 1025000507399.

Online Store is the Company website where a Customer can view the Products sold by the Seller, their descriptions, and prices, choose a specific Product, payment and delivery method, and place an Order. The Online Store is located at www.faberlic.com. It is owned and administered by JSC Faberlic.

Product is an object to be bought and sold that is not withdrawn from or limited in general circulation and is available for sale in the Online Store via displaying in the appropriate section of the Online Store. Only Products marked in the Online Store as "in stock" can be considered objects of sale and purchase.

Order is an online request made by the Customer for purchase and delivery of the Products selected in the Online Store to the address indicated in the request.


1. Scope of the Agreement. General Provisions

1.1. These Faberlic Online Store Rules are the sale and purchase agreement (hereinafter referred to as "the Agreement") that defines the procedure for retail purchase and sale of Products in the Faberlic Online Store and is the official public offer of JSC Faberlic (the Seller) to persons (Customers) in accordance with article 435 and part 2 of article 437 of the Civil Code of the Russian Federation.

The provisions of the Civil Code of the Russian Federation (including general provisions on retail purchase and sale (chapter 30), the Law of the Russian Federation "On Protection of Consumer Rights", Administrative Regulations on remote sales, Administrative Regulations on the sale of certain types of goods, and other legal regulations adopted in accordance with them shall apply to the relations between the Parties.

When referred to jointly, the Seller and Customer are hereinafter referred to as "the Parties", and each is personly referred to as a "Party".

1.2. Each Party guarantees the other Party that they have the necessary legal capacity as well as all rights and powers necessary and sufficient for the commencement and execution of the Agreement.

1.3. By ordering Products from the Online Store, the Customer consents to all the terms of this Agreement.

The cost of a Product that is displayed on the Online Store is equivalent to that Product's cost in the FABERLIC catalogues.

1.4. The Seller is obliged to sell the Product ordered on the Online Store to the Customer and the Customer is obliged to receive and pay for said Product.

1.5. The current version of the Agreement is available in the Online Store. The Seller reserves the right to make changes to this Agreement, and the Customer is therefore obliged to monitor changes to the Agreement as posted on the Online Store. In the event of changes to the terms of the Agreement, the Seller shall publish an appropriate notice and the amended text of the Agreement on the Online Store no later than 7 (seven) business days before the date when the changes become effective. The updated terms of the Agreement shall apply to Orders placed after the updated version of the Agreement becomes effective.

1.6. The Customer consents to the terms of this Agreement and the Agreement shall be considered to have been made between the Parties from the moment the Customer places their first Order in the Online Store.

1.7. Ticking the "I agree to the processing of personal data" box in the online store during registration shall be considered as the Customer's consent to the processing of their personal information.

2. Registration in the Online Store

2.1. Customers shall register in the Online Store (provide personal information necessary for the Parties to execute the Agreement) to place Orders.

2.2. The Customer is responsible for the accuracy and correctness of the information provided when registering in the Online Store.

2.3. When registering, the Customer must provide the following information:

1. Last name
2. First name
3. E-mail address (optional)
4. Mobile phone number
5. Postal address (Country, Region, City/Town, Address)

2.4. After entering this information, a confirmation message with a password, verification code, and ID number will be sent to the Customer's mobile phone number. The ID number is the login, and the password is any combination of at least 6 characters (Latin letters and/or numbers).

Indiviual identification of the Customer prevents unauthorized actions of third parties on behalf of the Customer. The Customer assumes responsibility for all possible negative consequences if login and password information is transferred to a third party.

2.5. A login and password enable the Customer to use their personal account in the Online Store, which includes placing orders, paying for Products, etc. Login and password may be used for placing Orders multiple times.

3. Order Placement and Terms

3.1. When placing an Order, the Customer fills in the order form for Products in the Online Store and confirms the Order ("Confirm Order" function in the Online Store personal account). The Order is considered duly placed when the order is assigned the status " confirmed" in the Customer's personal profile and the Seller assigns an individual number to the order. The individual number of the Order is indicated in the Customer's personal profile.

3.2. The Customer has the right to change the contents of the Order up to the moment it is sent to assembly ("Edit Order" function in the Online Store personal account).

3.3. When the Product arrives at the collection point (hereinafter referred to as the CP) acting on behalf of the Seller to deliver the Product to the Customer, the Customer will receive a text message notification that the Product has arrived at the CP.

3.4. Upon delivery of the Product through third parties (courier service, JSC "Russian Post", PickPoint, SDEK, etc.), the Customer will be notified about the Order's arrival by aforesaid third parties.

3.5. If the required Products are not in stock when the Order is placed, the Customer can order the Product using the "Auto-order" function. The Seller will notify the Customer of Product availability through the personal account as soon as the Product reaches the Seller. The list of Products available for auto-order is determined at the Seller's discretion.


4. Delivery

4.1. Product delivery term is specified in the Online Store and depends on the delivery method. The Seller will make every effort to comply with the date and time of delivery specified in the relevant Order, however, delivery delays are possible due to unforeseen circumstances where the Seller is not at fault. The time and date that the Order will be delivered to the Customer depend on the delivery region and the Order processing time.

4.2. The risk of accidental destruction or damage to the Product passes to the Customer at the moment the Product is transferred to the Customer.

4.3. Products can be delivered by:

4.3.1. Delivery of Products to the CP chosen by the Customer when placing the Order

4.3.2. Door-to-door delivery of the Product via courier service to the address indicated when placing the Order.

4.3.3. Delivery of Products through JSC "Russian Post" to the post office indicated in the Order.

4.3.4. Delivery to the partner's collection point (PickPoint, SDEK, and SberLogistics parcel terminals, etc.) selected by the Customer when placing the Order (hereinafter referred to as the "PCP").

4.4. Receiving Products at the CP:

4.4.1.If no claims to the Product's unit packaging at the moment of reception, the Customer shall check the Order and confirm that the Product was received and there are no claims to the assortment, quantity, appearance, packaging, or correlation between ordered and received Products by signing the Order List.

4.4.2. In the event of claims to the Product packaging, the person transferring the Product to the Customer will not transfer the Product to the Customer, but instead will offer to open the packaging and inspect the Product. If discrepancies are discovered during the inspection of the Product (defective items, shortages, etc.), then the person transferring the Product to the Customer and the Customer shall file a statement of the revealed discrepancies. Ultimately, the Customer can either accept the Product or refuse to accept it. The number of Products accepted by the Customer will be indicated in the statement.

4.4.3. The Customer confirms that there are no claims to the appearance, quantity, quality (obvious defects), and completeness of the Product by signing the Order List. After the Product is accepted by the Customer, the Seller shall not accept claims against the appearance, quantity, quality (obvious defects), and completeness of the Product.

4.4.4. Upon receipt of the Products, the Customer provides the Order individual number and their passport (or another identity document).

The Customer has the right to provide the Order individual number to any person at their discretion, who has the right to receive the Order at the CP by providing the Order individual number, their passport (or another identity document) and a copy of the Customer's passport (or another identity document.

To avoid fraud and to fulfil all necessary obligations, the person receiving the Order at the CP shall indicate their full name and the details of the identity document provided, in the List of Orders. The Seller guarantees confidentiality and protection of the Customer's information.

The Customer hereby expresses their consent to the processing of personal data specified in this paragraph (both their own and the person receiving the Order, i.e. the Customer guarantees that the person receiving the Order at the CP on behalf of the Customer has provided such consent) on the same terms as the Customer has provided their consent for the processing of personal data when registering in the online store.

4.4.5. Orders shall be stored at the CP for 10 (ten) calendar days from the day after delivery to the CP, after that delivery shall be locked and returned to the Seller if not claimed by the Customer.

4.4.6. Paid Orders shall be stored at the CP for 30 (thirty) calendar days from the day after delivery to the CP, after that delivery shall be locked and returned to the Seller if not claimed by the Customer.

4.5. Receipt of a Product via JSC "Russian Post" and PCPs shall be carried out by the rules of these organizations.

4.6. The Customer shall receive an Order Slip along with the Product.

4.7. Ownership of the Product passes from the Seller to the Customer at the moment the Customer receives the Product.

4.8. Products can be picked up in person at 1/10 Logisticheskaya st., Domodedovo, Moscow Region on Fridays from 14:00 to 15:00. To place an Order to be picked up in person, the Customer can contact the Seller's representative through the Feedback function in the Online Store.

The Seller will notify the Customer that the Product is ready for pick-up by text message, or by a message in the personal account.


5. Product Prices and Payment

5.1. The Price of a Product is indicated next to the name of the Product in the Online Store.

5.2. The price of a Product in the Online Store may be changed at the Seller's discretion. However, the price of a Product that is in the Order already placed (confirmed) by the Customer is not affected by any changes, except in cases where the Customer, after confirming the Order, changes the contents of the Order (Order editing is possible until the Order is sent to assembly) – in this case, prices valid at the time the edited Order is confirmed shall apply.

5.3. The Customer can pay for Orders using the methods and timeframes indicated in the Online Store in the form of advanced payment, as well as by cash on delivery by courier service.

5.4. In cases where Russian law provides for the issue of a cashier's or sales receipt to the Customer, such an obligation shall also be deemed fulfilled when a cashier's or sales receipt is sent to the Customer by electronic or other technical means.


6. Product Returns

6.1. Non-defective product return:

6.1.1. Non-defective products can be returned within 14 (fourteen) calendar days (within 7 (seven) calendar days for DENAS products) after receipt of the Product, with a refund request and if the Product has not been used and is of appropriate resale condition (no broken seals or damaged factory labels, all protective plastic packaging or protective membranes intact, etc.) and with a document confirming the purchase (receipt or Order Slip that was sent to the Customer along with the Product).

6.1.2. If the Customer received the Product at the CP,  the Product shall be returned by the Customer to the CP where the Product was received, or via JSC "Russian Post".

6.1.3. If the Customer received the Product via JSC "Russian Post", the Product shall be returned via JSC"Russian Post".

6.1.4. If the Customer received the Product via PCP, the Product shall be returned through JSC "Russian Post".

6.1.5. The Seller shall return the sum paid for the returned Product to the Customer within 10 (ten) calendar days from the date when the Customer meets the requirements (providing the Product, the refund request, and the receipt or Order Slip to the Seller).

6.2. Defective product return:

6.2.1. If the Customer discovers a defect in a Product that has not been disclosed by the Seller, the Customer has the right to withdraw from the Agreement and demand a refund in the amount paid for the Product. The Customer shall, however, return the defective Product to the Seller.

6.2.2. The Seller is responsible for defects in Products with no warranty period if the Customer can prove that the defect occurred before the Product's transfer to the Customer or for reasons that arose before that time.

6.2.3. The Customer has the right to submit claims to the Seller relating to defective Products if such is discovered during the warranty period or shelf life.

For all Products without a specified warranty period, this is considered to be 30 (thirty) days.

6.2.4. The Customer's requests for a reduction in the Product purchase price, compensation for defect correction cost incurred by the Customer or a third party, or refund of the money paid for the Product shall be fulfilled by the Seller within 10 (ten) days from the date all requirements are met (providing the Seller with the Product, the refund request, the receipt or Order Slip, and documents confirming the product defects in circumstances accounted for by the current legislation of the Russian Federation).

6.2.5. If the Customer received the Product at the CP, the Product shall be returned by the Customer to the CP where the Product was received or via JSC "Russian Post".

6.2.6. If the Customer received the product via JSC "Russian Post", the Product shall be returned through JSC "Russian Post".

6.3. The Seller shall not accept returned products without a completed refund request or in the event of inadequate completion (providing unreliable or incomplete information). The refund request form can be downloaded from the website www.faberlic.com.

When returning Products to the CP, the CP employee shall check the return validity (deadline observance, the Product condition at the time of return, refund request correctness, etc.), accept the Product, and create a Claim document in the CP profile on www.faberlic.com.

The document confirming the Product return to the CP is the refund request (issued in two copies: one copy is given to the CP, the second one is for the Customer, on which the CP employee marks the acceptance of the returned Product), which the Customer shall keep at least until receipt of the refund for the returned Product.

The documents that confirm the Product return via JSC "Russian Post" are documents (receipts, etc.) issued by JSC 'Russian Post", which the Customer shall keep at least until receipt of the refund for the returned Product.

6.4. Considering that the Customer checks the Product quantity, appearance, apparent defects, and packaging upon receipt at the CP, only hidden Product production defects that could not be detected while checking the Product can be a reason for return after the Customer receives the Product at the CP.

6.5. Product return cost.

Returning defective Products through a CP is free for the Customer.
If returning a non-defective Product through a CP, the Customer shall receive a refund for the Product, excluding the cost of delivering the Product to the Seller from the Customer.

Returning non-defective products via JSC "Russian Post" is always at a fee. The return cost is determined by the JSC "Russian Post" (rates can be found on www.faberlic.com, Defective and Non-Defective Products Return page). If returning a non-defective Product via JSC "Russian Post", the Seller shall refund to the Customer for the products, excluding the cost of delivery from the Seller to the Customer.

Returning a defective Product (or cross-picking) via JSC "Russian Post" costs the Customer a fee, but the Seller compensates postage to the Customer. The Customer shall save the receipt for postage and report it in the Feedback section on www.faberlic.com, along with a photo or scanned copy of the receipt attached to receive postage compensation. The cost of postage shall be returned in the same way as the cost of the returned Product within 10 (ten) calendar days from the date when the Seller receives the photo or scanned copy of the receipt.

When returning a Product via JSC "Russian Post" it shall be sent to the address of the Seller's Regional Distribution Centre (RDC) from where the Order was shipped for further delivery to the Customer (learn more on the website www.faberlic.com, tab "Returns").

6.6. The Seller shall bear the costs of refunding the amount paid by the Customer for the defective products. The Customer shall bear the costs of refunding the amount paid for the non-defective products.

6.7. Product return date.

When returning a Product to the CP, the return date is the date the Product is transferred to the CP.
When returning a Product via JSC "Russian Post", the return date shall be considered the date when the Product and a properly completed refund request arrives at the Seller's warehouse, along with attached documents confirming the defective quality of the Product in cases established by the legislation of the Russian Federation.

6.8. The Seller has the right to change or set additional conditions for the return of any Product by making changes/additions to this Agreement or by publishing them in the Online Store (for example, in the Representatives section, in the Returns section, etc.).

7. Responsibilities

7.1. The Seller shall bear no responsibility for damage caused to the Customer due to improper use of a Product purchased in the Online Store.

7.2. The Customer shall bear all responsibility for the authenticity of the information provided when registering in the Online Store, as well as for the proper acceptance of and payment for Products.

7.3. The Parties are exempt from liability caused by full or partial failure to fulfil their obligations if such failure was caused by force-majeure circumstances that occurred after the parties entered into the Agreement, arising from extraordinary events that the Parties could not foresee or prevent by reasonable measures.

7.4. In other cases of non-fulfilment or improper performance of their obligations, the Parties bear responsibility in accordance with the current legislation of the Russian Federation.


8. Personal Information

8.1. Personal information of Customers can only be used by the Seller for the performance of the Agreement. If the Agreement is terminated for any reason, the Seller is obligated to delete any information/destroy any documents containing Customers' personal information within the period established by law. When using a Customer's personal information, the Seller shall comply with the requirements of the current legislation governing personal information usage.

8.2. The Customer shall give consent to the Seller for:

- Cross-border transfer of their personal data referred to in cl. 2.3 hereof to Microsoft - Airland Operations Limited Un Microsoft Court, address: South County Business Park, Leopardstown, Dublin, D18 P521, Ireland, tel. +353 (1) 2953826 to enter data into the personal data information systems.

- Processing of their personal data by ticking the box during the registration to the online store. The terms and conditions for giving consent to the processing of personal data are available at the Online Store.

8.3. Customers have the right to withdraw their consent for the Seller to use their personal information under the procedure provided for in paragraph 5 article 21 of Federal Law "On Personal Data" dated 27.07.2006.

8.4.Upon registration, the Customer shall have the right to consent to the processing of personal data specified in clause 2.3. of the Agreement by their Sponsor (FABERLIC Representative who invited them to purchase the Product at the Online Store or FABERLIC Representative proposed by the Seller when registering the Customer at the Online Store and registered in the area of the Customer residence). The Customer shall give such consent by ticking the appropriate box on the Online Store page solely to facilitate the Customer shopping, receive appropriate discounts and gifts from the Seller.


9. Miscellaneous

9.1. The Customer guarantees that they understand the complete terms of this Agreement and accept them unconditionally and in full.

9.2. The Parties will seek to resolve all disputes through negotiation. If an agreement cannot be reached, the dispute will be referred to the court in accordance with the current legislation of the Russian Federation.

9.3. The invalidity of any provision of this Agreement does not entail the invalidity of the remaining provisions.

9.4. The Seller has the right to elaborate/clarify/change the Agreement terms by providing relevant information on the Online Store in the "For Representatives" section.

9.5. If, at the moment the Agreement is terminated, the Parties (at least one) have outstanding obligations which were assumed under the Agreement, then the Agreement is terminated only after all such obligations are fulfilled.

9.6. If the Agreement terms contradict or may contradict the requirements of the legislation of the Russian Federation, then the legislation shall prevail.

10. Seller Details

Faberlic Joint Stock Company (JSC FABERLIC)

Legal address: 4 Nikopolskaya st., Moscow 117403
Physical address: 4 Nikopolskaya st., Moscow 117403
TIN 5001026970,
RRC 660850001,
OGRN 1025000507399,
OKPO 48781886,
Transactions account 40702810938110110069
Sberbank PJSC
Correspondent account 30101810400000000225,
RCBIC 044525225
tel.: +7 495 788-85-28

Executive body: General Director K.S.Barmashov

WE HAVE SENT YOU A CONFIRMATION CODE BY TEXT TO THE NUMBER
Change phone number
Incorrect code entered
You should enter the value
Resend
This is recommended to make purchases and place orders through the site. You will receive a confirmation code in a text message.
You will be able to resend the code in seconds.
The limit for repeated SMS messages has been exceeded. Please try again later
You will be able to resend the code in seconds.
ENTER VALID PHONE #
Invalid phone number format
You should enter the value
The phone number entered is invalid.
Resend
You will be able to resend the code in seconds.