1.1. The most important condition for the implementation of the objectives of the Contractor (LLC " UK "Hotel Moscow") is to ensure the necessary and sufficient level of security of information, which, among other things, include personal data.
1.2. The policy regarding the processing of the Contractor's personal data determines the procedure for the collection, storage, transfer and other types of processing of the Contractor's personal data, as well as information about the requirements for the protection of personal data.
1.3. The policy is developed in accordance with the current legislation of the Russian Federation.
2. THE SCOPE OF PERSONAL DATA
2.1. Information constituting personal data is any information related directly or indirectly to a certain individual (subject of personal data).
2.2. All processed personal data are confidential, strictly protected information in accordance with the legislation of the Russian Federation.
3. PURPOSE OF PROCESSING PERSONAL DATA
3.1. Personal data is processed by the Contractor for the purpose of execution of labour and other contractual relations, personnel, accounting, tax accounting, and also for the purpose of organizing and conducting (including with the involvement of a third party) loyalty programs, marketing and/or advertising campaigns, research, surveys, and other events; performance by the Contractor of obligations under contracts of rendering of services (assistance in the framework of the insurance relationship, expert services, evacuation, repair of vehicles, retail sale of goods, etc.), as well as in online stores of the Contractor; provision of other services to the subjects of personal data; promotion of services and/or goods of the Contractor and / or the Contractor's partners in the market through direct contacts with customers through various means of communication, including, without limitation, by phone, e-mail, mailing, on the Internet, etc.; for other purposes, if the actions do not contradict the current legislation of the Russian Federation.
3.2. in order to properly perform its duties, the Contractor processes the following personal data necessary for the proper performance of contractual obligations:
personal data of employees who have an employment relationship with the Contractor ;
personal data of other individuals, including, but not limited to, consisting in contractual, student, civil-law relations with the Contractor, including, but not limited to, pupils, buyers, regular customers, insurers, persons wishing to conclude insurance contracts.
4. THE PROCEDURE FOR COLLECTION, STORAGE, TRANSFER AND OTHER PROCESSING OF PERSONAL DATA
4.1. The processing of personal data, carried out without the use of automation, is carried out in such a way that for each category of personal data, it was possible to determine the places of storage of personal data (tangible media). The contractor has established a list of persons who process personal data or have access to them. Provided by the separate storage of personal information (material carriers), the processing of which is carried out for different purposes. The contractor ensures the safety of personal data and takes measures to prevent unauthorized access to personal data.
4.2. The processing of personal data carried out with the use of automation, is carried out subject to the following actions: the Contractor carries out technical measures aimed at preventing unauthorized access to personal data and (or) transfer them to persons who do not have the right of access to such information; security tools are set for timely detection of unauthorized access to personal data; the technical means of automated processing of personal data are isolated in order to prevent the impact on them, as a result of which their functioning may be disrupted; the Contractor performs data backup in order to be able to immediately restore personal data modified or destroyed as a result of unauthorized access to them; exercises constant control over ensuring the level of protection of personal data.
5. INFORMATION ABOUT ONGOING REQUIREMENTS FOR PROTECTION OF PERSONAL DATA.
5.2. To develop and implement specific measures to ensure the security of personal data during their processing in the information system, the Contractor shall appoint a responsible person to the information technology division of the Contractor.
6. THE RIGHTS AND OBLIGATIONS OF THE CONTRACTOR
6.1. The contractor has the right:
defend your interests in court;
provide personal data of subjects to third parties, if required by applicable law (tax, law enforcement agencies, etc.).);
refuse to provide personal data in cases stipulated by the legislation;
use personal data of the subject without his consent, in cases stipulated by the legislation.
7. THE RIGHTS AND OBLIGATIONS OF PERSONAL DATA SUBJECTS
7.1. The subject of personal data has the right:
require clarification of their personal data, their blocking or destruction if the personal data is incomplete, outdated, unreliable, illegally obtained or are not necessary for the stated purpose of processing, as well as to take legal measures to protect their rights;
require a list of their personal data processed by the Operator and the source of their receipt;
receive information about the processing time of their personal data, including the period of their storage;
require the notification of all persons who have previously been informed of incorrect or incomplete personal data about all exceptions, corrections or additions made in them;
appeal to the authorized body for the protection of the rights of personal data subjects or in court unlawful actions or omissions in the processing of his / her personal data;
to protect their rights and legitimate interests, including on indemnification and (or) compensation of moral harm in a judicial order.
8. FINAL PROVISION
8.1. This Policy is subject to change, addition in case of emergence of new legal acts and special regulatory documents on processing and protection of personal data. 8.2.Details for the receipt of notices, demands, statements, denials of the subject of personal data: email email@example.com, postal address: Russia, 191317, St. Petersburg,
Alexander Nevsky square, 2, phone: 8 (812) 333-2-444.