Consultation
RU
EN
Do you have any questions?
Contact us!
Close
Any questions?
Fill out the contact form
Our site uses cookies to provide you with the best experience
Ok
EN
RU
Visas
Tours
Travel services
Services for business
Contacts
Consultation
Privacy Policy
1. Introduction
1.1. This Privacy Policy (hereinafter "Policy") is designed to comply with the requirements of the Federal Law of July 27, 2006 No. 152-ФЗ "On Personal Data" (hereinafter "Law on Personal Data") and outlines the procedure for processing personal data and measures to ensure the security of personal data implemented by Green Elreal LLC (hereinafter "Operator").
1.2. The Operator's primary goal and obligation is to ensure the protection of the rights and freedoms of individuals and citizens in the processing of their personal data, including protecting the right to privacy, personal and family secrets.
1.3. This Policy applies to all information that the Operator can receive about users of the website https://greenappletravel-en.ru.
2. Definitions
2.1. Automated personal data processing - processing of personal data using computer equipment.
2.2. Blocation - temporary suspension of personal data processing (unless processing is necessary to clarify personal data).
2.3. Website - a set of graphic and information materials, as well as computer programs and databases that provide their accessibility on the Internet at the network address https://greenappletravel-en.ru.
2.4. Information system of personal data - a set of personal data contained in databases and ensuring their processing using information technologies and technical means.
2.5. Depersonalization of personal data - actions resulting in the impossibility of determining without the use of additional information the belonging of personal data to a specific user or other subject of personal data.
2.6. Personal data processing - any action (operation) or set of actions (operations) performed using automation tools or without using such means with personal data, including collection, record, systematization, accumulation, storage, clarification (update, change), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, removal, and destruction of personal data.
2.7. Operator - a state body, municipal body, legal entity, or individual who independently or together with other persons organizes and/or carries out the processing of personal data, as well as determines the purposes and methods of processing personal data, the composition of personal data subject to processing, and actions (operations) performed with personal data.
2.8. Personal data - any information related directly or indirectly to a specific or determined user of the website https://greenappletravel-en.ru.
2.9. Personal data allowed for distribution - personal data to which an unlimited number of persons have access, provided that the subject of personal data has given consent to the processing of such data for the purpose of their distribution in the manner prescribed by the Law on Personal Data (hereinafter - personal data allowed for distribution).
2.10. User - any visitor to the website https://greenappletravel-en.ru.
2.11. Provision of personal data - actions aimed at disclosing personal data to a specific person or a certain circle of persons.
2.12. Distribution of personal data - any actions aimed at disclosing personal data to an unlimited number of persons or familiarizing an unlimited number of persons with personal data, including publication in the media, posting on information and telecommunication networks, or providing access to personal data in any other way.
2.13. Cross-border transfer of personal data - the transfer of personal data to the territory of a foreign state to the authority of a foreign state, a foreign physical person, or a foreign legal entity.
2.14. Destruction of personal data - any actions resulting in the irreversible destruction of personal data with the impossibility of further restoring the content of personal data in the personal data information system and/or the destruction of material carriers of personal data.
3. Principles of Personal Data Processing
3.1. Personal data processing is carried out on a legal and fair basis.
3.2. Personal data processing is limited to the achievement of specific, predetermined, and legitimate purposes. Personal data processing that is incompatible with the purposes of collecting personal data is not allowed.
3.3. Personal data processing that is incompatible with the purposes of collecting personal data is not allowed.
3.4. Personal data is accurate, sufficient, and, if necessary, up-to-date in relation to the purposes of personal data processing. The conditions and procedure for updating personal data are determined by the personal data operator.
3.5. Personal data is stored in a form that allows the data subject to be determined for no longer than the period necessary to achieve the purposes of personal data processing, unless a longer period of personal data storage is established by federal law or an agreement to which the data subject is a party.
3.6. Personal data is destroyed or depersonalized upon the achievement of the purposes of personal data processing or in the event of the loss of the need to achieve these purposes, unless otherwise provided by federal law.
4. Rights of Personal Data Subjects
4.1. The subject of personal data has the right to receive information about the processing of their personal data, including:
  • confirmation of the fact of personal data processing;
  • legal grounds and purposes of personal data processing;
  • the purposes and methods of personal data processing used in the implementation of personal data processing;
  • the name and location of the operator, information about persons who have access to personal data or who may become aware of them on the basis of an agreement with the operator or on the basis of federal law;
  • processed personal data relating to the data subject, the source of their receipt, unless a different procedure for providing such data is established by federal law;
  • terms of personal data processing, including the periods of their storage;
  • the procedure for the exercise by the data subject of the right to correct, block, or destroy personal data, if such personal data is incomplete, outdated, inaccurate, illegally obtained, or not necessary for the stated purpose of processing;
  • the name or surname, name, patronymic and address of the person processing personal data on behalf of the operator, if the processing is entrusted or will be entrusted to such a person;
  • other information provided for by federal law.
4.2. The subject of personal data has the right to access their personal data and requires the operator to correct, block, or destroy their personal data if this personal data is incomplete, outdated, inaccurate, illegally obtained, or not necessary for the stated purpose of processing.
4.3. The subject of personal data has the right to protect their rights and legitimate interests, including the right to compensation for damages and/or compensation for moral harm in a court of law.
4.4. The subject of personal data has the right to appeal to the authorized body for the protection of the rights of personal data subjects or to a court against the unlawful actions or inaction of the operator.
5. Responsibilities of the Operator
5.1. The operator is responsible for organizing the processing of personal data in accordance with the Law on Personal Data and the requirements specified in the norms of other federal laws.
5.2. The operator is responsible for ensuring the security of personal data during their processing in accordance with the Law on Personal Data.
5.3. In case of a personal data breach, the operator is responsible for notifying the personal data subject or their representative (if the personal data subject has designated a representative) and the authorized body for the protection of the rights of personal data subjects.
5.4. The operator is responsible for familiarizing personal data subjects with this Policy upon request of the personal data subject.
5.5. The operator is responsible for collecting, storing, and updating personal data of users and ensuring their accuracy, security, and confidentiality.
5.6. The operator is responsible for providing users with access to their personal data and for updating and correcting their personal data.
5.7. The operator is responsible for ensuring the safety of personal data and taking necessary and sufficient legal, organizational, and technical measures to protect personal data from unauthorized or accidental access, destruction, modification, blocking, copying, distribution, as well as from other illegal actions with personal data.
5.8. The operator is responsible for ensuring the accuracy of personal data and taking necessary measures to update personal data.
5.9. The operator is responsible for ensuring the confidentiality of personal data and preventing unauthorized access to personal data.
5.10. The operator is responsible for ensuring the accuracy of personal data and taking necessary measures to update personal data.
5.11. The operator is responsible for ensuring the security of personal data and taking necessary measures to prevent unauthorized access to personal data.
5.12. The operator is responsible for complying with the requirements of the Law on Personal Data and other regulatory legal acts in the field of personal data protection.
6. Purpose and Scope of Personal Data Processing
6.1. The purpose of processing personal data is to inform users about the services provided by the Operator, to provide users with access to the services, and to improve the quality of services.
6.2. The scope of personal data processed by the Operator includes:
  • First name, last name, and patronymic (if available) of the user;
  • Email address of the user;
  • Phone number of the user;
  • Other personal data provided by the user when using the services of the Operator.
7. Legal Basis for Personal Data Processing
7.1. The legal basis for personal data processing is the consent of the personal data subject to the processing of their personal data.
7.2. The processing of personal data is also carried out in cases where it is necessary to protect the vital interests of the personal data subject, as well as in cases where the processing of personal data is necessary for the performance of the contract to which the personal data subject is a party or for the performance of legal obligations of the operator.
8. Conditions for Personal Data Processing
8.1. Personal data processing is carried out with the consent of the personal data subject.
8.2. Personal data processing is carried out without the consent of the personal data subject in cases where:
  • The processing of personal data is necessary to achieve the purposes provided for by the Law on Personal Data, including the execution of justice;
  • The processing of personal data is necessary to protect the life, health, rights, and legitimate interests of the personal data subject or other persons;
  • The processing of personal data is necessary for the performance of functions assigned to the authorized body in accordance with the Law on Personal Data;
  • The processing of personal data is necessary for the performance of an agreement to which the personal data subject is a party or to take actions on the initiative of the personal data subject before concluding the agreement;
  • The processing of personal data is necessary for the performance of legal obligations of the operator, including those stipulated by the legislation of the Russian Federation on taxes and fees;
  • The processing of personal data is necessary for the administration of justice, for the execution of a judicial act, for the execution of an act of another body or official subject to execution in accordance with the legislation of the Russian Federation on enforcement proceedings;
  • The processing of personal data is necessary for the execution of an agreement to which the personal data subject is a party or to take actions on the initiative of the personal data subject before concluding the agreement.
9. Personal Data Processing Procedure
9.1. Personal data processing is carried out with the consent of the personal data subject.
9.2. Personal data processing is carried out using automation tools and without using such tools.
9.3. Personal data is processed by the Operator and other persons who have access to personal data and who have the right to process personal data under the contract with the Operator.
9.4. Personal data subjects have the right to obtain information about the processing of their personal data, including information about the legal grounds and purposes of processing, the composition of personal data, the composition of actions performed with personal data, the purposes of processing, the list of recipients to whom personal data is disclosed, the terms of processing, the procedure for the exercise of the rights of personal data subjects, and other information provided for by the Law on Personal Data.
9.5. Personal data subjects have the right to access their personal data, including the right to receive a copy of their personal data in an accessible form.
9.6. Personal data subjects have the right to demand the correction, blocking, or destruction of their personal data if such data is incomplete, outdated, inaccurate, illegally obtained, or not necessary for the stated purpose of processing.
9.7. Personal data subjects have the right to appeal to the authorized body for the protection of the rights of personal data subjects or to a court against the unlawful actions or inaction of the Operator in the processing of their personal data.
10. Personal Data Protection Measures
10.1. The Operator takes necessary and sufficient legal, organizational, and technical measures to protect personal data from unauthorized or accidental access, destruction, modification, blocking, copying, distribution, as well as from other illegal actions with personal data.
10.2. The Operator ensures the safety of personal data by means of technical and organizational measures, including:
  • Encryption of personal data;
  • Access control to personal data;
  • Regular updating of software and hardware used to process personal data;
  • Regular training of employees who have access to personal data;
  • Regular monitoring of the security of the personal data information system.
11. Personal Data Storage Period
11.1. Personal data is stored for no longer than the period necessary to achieve the purposes of personal data processing, unless a longer period of personal data storage is established by federal law or an agreement to which the personal data subject is a party.
12. Personal Data Transfer
12.1. The Operator does not transfer personal data to third parties, except in cases provided for by the Law on Personal Data.
12.2. The Operator transfers personal data to third parties only with the consent of the personal data subject or in cases provided for by the Law on Personal Data.
13. Final Provisions
13.1. This Policy is subject to changes and updates. The current version of the Policy is available on the website https://greenappletravel-en.ru.
13.2. The Operator reserves the right to unilaterally modify this Policy by posting a new version of the Policy on the website https://greenappletravel-en.ru.
13.3. The new version of the Policy becomes effective from the moment of its publication, unless otherwise provided by the new version of the Policy.
13.4. The Operator is not responsible for the accuracy of the personal data provided by the user.
13.5. The Operator is not responsible for the violation of the security of personal data, which occurred due to the actions of third
13.6 The current version of the policy in the public domain is located on the Internet at https://greenappletravel-en.ru/document.
Made on
Tilda