1. General Provisions
1.1. This document defines the policy of RAKETA LLC (hereinafter referred to as the Operator) in relation to personal data processing and sets out a system of basic principles applicable to the processing of personal data in the Company.
1.2. RAKETA LLC is a personal data operator and is registered as the personal data operator.
1.3. The effect of this Policy applies to all operations performed by the Operator with personal data using automation tools or without their use.
1.4. This Policy is drawn up in accordance with the requirements of the Federal Law of the Russian Federation No. 152-FZ “On Personal Data” dated July 27, 2006.
1.5. This Policy is updated in case of changes in the legislation of the Russian Federation on personal data. The policy is updated by the Operator as necessary, without prior notice to the personal data subjects.
1.6. The operator developed and put into effect documents that establish the processing and security of personal data that ensure compliance with the requirements of the Federal Law of the Russian Federation No. 152-FZ "On Personal Data" dated July 27, 2006 and regulatory legal acts adopted in accordance with it.
2. Key concepts used in this policy
2.1. Personal data - any information relating directly or indirectly to a specific or identifiable individual (subject of personal data).
2.2. Personal data subject (SPD) - an individual who is directly or indirectly identified through personal data.
2.3. Processing personal data - any action (operation) or set of actions (operations) performed using automation tools or without using such tools with personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, changing), retrieval, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction of personal data.
2.4. Automated processing of personal data - processing of personal data using computer technology.
2.5. Providing personal data - actions aimed at the disclosure of personal data to a specific person or a certain group of persons.
2.6. Blocking of personal data - temporary termination of the processing of personal data (unless the processing is necessary to clarify personal data).
2.7. Deleting of personal data - actions that ensure the impossibility to restore personal data in personal data information system and (or) ensure that physical media containing personal data are destroyed.
2.8. Personal data information system - a set of personal data contained in databases, along with technologies and technical means, providing the information processing.
2.9. Cross-border transfer of personal data - the transfer of personal data to the territory of a foreign state, to a government body of a foreign state, to a foreign individual or to a foreign legal entity.
2.10. Client, Agency - a legal entity that uses the services of RAKETA LLC on a contractual basis, and provides personal data exclusively within the framework of contractual relations.
2.11. Site visitor - an individual who visited the website raketa.world and left their personal data in the form of collecting personal data "How to contact you?".
2.12. User - an individual connected with the Client or the Agency with an employment or contractual relationship.
2.13. Cookies - a short piece of data sent by the web browser or web client to the web server in the HTTP request, whenever the user tries to open the page of the site. The fragment is stored on the user's computer. It is created during user authorization in the system.
2.14. IP-address - a unique network address of a node in a computer network built using the TCP / IP protocol.
3. Purpose of collecting personal data. Personal Information Collected
3.1. The collection of personal data of the Site Visitor is carried out in order to communicate with the Site Visitor. The site visitor informs the Operator of the following personal data: surname; name; contact number; E-mail address; Company name; Position.
3.2. The collection of User’s personal data is carried out with the aim of providing travel services to the user. The user can inform the Operator of the following personal data (optional): last name; name; patronymic (if present); E-mail address; floor; Date of Birth; citizenship; Place of Birth; number and series of a passport of a citizen of the Russian Federation; copy of the passport of a citizen of the Russian Federation; copy of the passport of a citizen of the Russian Federation; copy of the passport of another country; copy of birth certificate; copy of visas.
3.3. Cookies transmitted by the Operator’s services to the User’s equipment and the User’s equipment to the Operator’s services can be used by the Operator to provide the User with personalized services, improve the quality of services, for statistical and research purposes.
3.4. Operator Services collect statistics about the IP addresses of all Users. Information about IP addresses is needed to identify and solve technical problems and to control how legitimate financial payments will be, as well as to ensure the safety of Users' data.
4. Principles and conditions for the processing of personal data
4.1. The processing of personal data is carried out on a legal and fair basis.
4.2. The processing of personal data is limited to the achievement of the specific ones defined in section 3. Processing of personal data that is incompatible with the purposes of collecting personal data is not allowed.
4.3. Processing of personal data of the Site Visitor is carried out exclusively with the consent of the Site Visitor.
4.4. The personal data of the Website Visitor is not transferred to third parties. Transfer to the territory of a foreign state is not carried out.
4.5. The term for processing the personal data of the Site Visitor is 1 year from the date of providing this data to the Operator.
4.6. The processing of the User’s personal data is carried out exclusively on a contractual basis. The contract is concluded between the Operator and the Client / Agency. The Client / Agency is required to obtain the consent of the User to the processing of his personal data and transfer it to third parties. The Client / Agency is responsible for obtaining the User’s consent to the processing of his personal data in the Operator’s services. Other conditions for processing personal data of Users are indicated in the relevant agreement with the Client / Agency. The User’s personal data is not processed without an agreement between the Operator and the Client / Agency.
4.7. The term for processing the User’s personal data is until the end of the contract between the Client / Agency, unless otherwise specified in the contract.
4.8. Personal data provided as part of a contractual relationship with the Client / Agency is not transferred to third parties without the consent of the Client / Agent.
4.9. Cross-border transfer of the User’s personal data is carried out on the territory of foreign states that are parties to the Council of Europe Convention on the Protection of Individuals with Automatic Processing of Personal Data, as well as other foreign states that provide adequate protection for the rights of personal data subjects, subject to the corresponding consent from the User by the Client / Agency , to provide services to the Client / Agency.
4.10. The operator does not allow the combination of databases containing personal data, the processing of which is carried out for purposes incompatible with each other.
4.11. Only personal data that meets the purposes of their processing are subject to processing.
4.12. The content and volume of processed personal data are consistent with the stated processing goals.
4.13. The storage of personal data is carried out in a form that allows you to determine the subject of personal data, no longer than what is required by the purpose of processing personal data, unless the storage period for personal data is established by federal law, an agreement to which the beneficiary or guarantor is the subject of personal data. The processed personal data is destroyed either by depersonalization to achieve the processing goals or in case of loss of the need to achieve these goals, unless otherwise provided by federal law.
4.14. The operator does not process biometric personal data and personal data of special categories.
4.15. The operator does not make decisions that give rise to legal consequences in relation to the subject of personal data or otherwise affect his rights and legitimate interests, based on exclusively automated processing of personal data.
4.16. Processing of personal data is carried out by the Operator using automation tools.
4.17. The Client / Agency may at any time change (update, supplement) the personal information provided by him or her part, using the editing function of personal data.
4.18. The Client / Agency may also delete the personal information provided to them within a certain account by using the appropriate function or by sending a corresponding letter to the technical support of the Operator's services.
5. Rights of the subject of personal data
5.1. The subject of personal data has the right to receive information regarding the processing of his personal data, including the following: confirmation of the fact of processing of personal data by the Operator; legal grounds and purposes of processing personal data; goals and methods of processing personal data used by the Operator; the name and location of the Operator, information about persons (excluding employees / employees of the Operator) who have access to personal data or to whom personal data may be disclosed on the basis of an agreement with the Operator or on the basis of federal law; processed personal data relating to the relevant subject of personal data, the source of their receipt, unless otherwise provided for by federal law; terms for processing personal data, including periods for their storage; the procedure for the exercise by the subject of personal data of the rights stipulated by the Federal Law of July 27, 2006 No. 152-ФЗ “On Personal Data”; information on completed or suspected cross-border data transfer; other information stipulated by the Federal Law of July 27, 2006 No. 152-ФЗ “On Personal Data” or other federal laws.
5.2. Responsibility to the subject of personal data for the actions of the Operator lies with the person who instructed the Operator to process the personal data of such a person
5.3. Other rights of the subject of personal data provided for by the Federal Law of July 27, 2006 No. 152-ФЗ “On Personal Data” or other federal laws.
6. Measures to ensure the security of personal data during their processing
6.1. When processing personal data, the operator takes all necessary legal, organizational and technical measures to protect personal data from unlawful or accidental access to it, destruction, modification, blocking, copying, provision, distribution of personal data, as well as from other illegal actions in relation to personal data . Methods Ensuring the security of personal data.
6.2. Issue by the Operator of local regulations on the processing of personal data.
6.3. Application of organizational and technical measures to ensure the security of personal data during their processing in personal data information systems.
6.4. The implementation of internal control of the conformity of the processing of personal data to the Federal Law of July 27, 2006 No. 152-ФЗ “On Personal Data” and the regulatory legal acts adopted in accordance with it, the requirements for the protection of personal data, this Regulation in relation to the processing of personal data.
6.5. Setting rules for access to personal data processed in the personal data information system, as well as ensuring the registration and recording of all actions performed with personal data in the personal data information system.
6.6. Monitoring of measures taken to ensure the security of personal data and the levels of security of personal data information systems.
6.7. Obtaining the consent of personal data subjects to process their personal data by the Operator, including the processing of biometric personal data and the cross-border transfer of personal data.
6.8. Check that the foreign states into whose territory personal data is transferred ensure adequate protection of the rights of personal data subjects before the start of cross-border transfer of personal data.
6.9. Identification of threats to the security of personal data during their processing in personal data information systems.
6.10. Application of technical measures to ensure the security of personal data during their processing in the personal data information system necessary to fulfill the requirements for the protection of personal data.
7. Additional terms
7.1. The operator has the right to change the current Personal Data Processing Policy, without the consent of third parties.
7.2. The entry into force of a new policy begins after information about it is posted on the site, unless the changed policy implies a different placement option.
7.3. All suggestions, wishes, requirements or questions regarding this personal data processing policy should be reported in the feedback section located on the website, in the “Contacts” section.
7.4. You can find the existing policy at raketa.world.
Updated on May 25, 2019.