Privacy Policy

Personal data Processing Policy

  1. General provisions.

This Personal Data Processing Policy shall be applied as defined in Federal Law No 152-FZ of 27.07.2006, On Personal Data (hereinafter referred to as Federal Law on Personal Data). This document (hereinafter referred to as the Policy) sets forth the purposes and general principles of personal data processing, as well as the personal data security measures implemented by LLC «Intourleader» (hereinafter referred to as the Operator).

1.1. The Operator sets as its most important goal and condition for the implementation of its activities the observance of human and civil rights and freedoms when processing personal data of citizens including the protection of the rights to privacy, personal and family secrets.

1.2. This Operator’s policy regarding the processing of personal data (hereinafter referred to as the Policy) applies to all information that the Operator may receive about visitors of the website https://go-karelia.com

2. Basic definitions and concepts used in the Policy.

2.1. Automated personal data processing – personal data processing by means of computer equipment.

2.2. Blocking of personal data – temporary suspension of processing of personal data (except in cases where the processing is necessary to clarify the personal data).

2.3. Website is a set of graphic and information materials as well as computer programs and databases ensuring their availability on the Internet at a network address https://go-karelia.com.

2.4. The personal data information system – a set of personal data contained in databases, and information technologies and technical means that ensure their processing.

2.5. Impersonalization of personal data – actions, as a result of which it becomes impossible without the use of additional information to determine the ownership of personal data to a specific personal data subject.

2.6. Personal data processing – any action (operation) or a set of actions (operations) performed with personal data using automation equipment or without such equipment, including collection, recording, accumulation, storage, clarification (update, modification), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction of personal data.

2.7. operator – a state body, municipal body, legal or natural person, independently or jointly with other persons organizing and (or) processing personal data, as well as determining the purposes of personal data processing, the composition of personal data to be processed, actions (operations) with the personal data.

2.8. Personal data – any information related directly or indirectly to a specific or identifiable User of the website https://go-karelia.com

2.9. Personal data authorized for distribution by Data Subject – personal data of a Data Subject, that the Data Subject has given his consent to be distributed and to be available to an unlimited circle of persons in accordance with the procedure provided for by the Personal Data Law (hereinafter – personal data authorized for distribution).

2.10. The User is any website https://go-karelia.com visitor.

2.11. Provision of personal data – actions aimed at disclosure of personal data to a certain person or a certain group of people.

2.12. Distribution of personal data means any actions aimed at disclosing personal data to an indefinite range of persons (transfer of personal data) or at acquaintance with personal data of an indefinite range of persons including public disclosure of personal data in the media, posting on information and telecommunication networks or providing access to personal data in any other way.

2.13. Transboundary transfer of personal data – a transfer of personal data to the territory of a foreign state to the authority of a foreign state, a foreign individual or a foreign legal entity.

2.14. Personal data destruction – any actions that result in permanent deletion of personal data with inability of further restoration and (or) the destruction of physical personal data storage devices.

3. Rights and obligations of the Operator.

3.1. The Operator is entitled to:

  • receive from a personal data subject reliable information and / or documents containing personal Data;
  • if a personal data subject withdraws the consent to personal data processing, the Operator has the right to continue processing personal data without the consent of a personal data subject if there are grounds specified in the Personal Data Law;
  • identify the structure and list of measures necessary and sufficient to ensure the fulfillment of obligations provided for by the Personal Data Law and other relevant regulatory legal acts independently, unless otherwise provided by the Personal Data Law or other federal laws.

3.2. The Operator is obliged to:

  • provide Data Subject with information concerning the processing of his personal data at his request;
  • organize the processing of personal data in accordance with the requirements of the Law on personal data;
  • respond to requests and inquiries of subjects of personal data and their legal representatives in accordance with the requirements of the Law on personal data;
  • report to the authorized body for the protection of the rights of the subjects of personal data the necessary information upon request of this body within 10 days from the date of receiving of such request;
  • publish or otherwise provide unrestricted access to this Policy in respect of the personal data processing;
  • take legal, organizational and technical measures to protect personal data from unauthorized or accidental access, destruction, modification, blocking, copying, sharing, and other illegal actions with respect to personal data;
  • cease the personal data transfer (distribution, sharing, access), stop processing and erase the personal data under the procedure and in the cases provided for by the Personal Data Law;
  • fulfil other duties provided for by the Personal Data Law.

4. Basic rights and obligations of the Data Subjects.

4.1. Personal Data Subjects have right to:

  • receive information regarding the processing of their personal data except for cases provided for by federal laws. The information is provided to a personal data subject by the Operator in an accessible form, and it should not contain personal data regarding other personal data subjects unless there are legal grounds for disclosing such personal data. The list of information and the procedure for obtaining it is established by the Personal Data Law;
  • the data subject shall be entitled to demand that Operator update, block or destroy his personal data where the personal data are incomplete, outdated, inaccurate, illegally obtained or not required for the stated purpose of processing, as well as use statutory remedies available to him;
  • impose conditions on preliminary consent while processing personal data in order to promote goods, works and services;
  • withdraw consent to personal data processing;
  • the right to complain to the body authorised to protect the rights of Data Subjects about unlawful actions or omissions by the Operator during their Personal data processing;
  • other rights given by laws.

4.2. Personal Data Subjects are obliged to:

  • provide the Operator with reliable data about themselves;
  • inform the Operator about the qualification (update, change) of their personal data.

4.3. Individuals who have provided the Operator with false information about themselves or other Data Subject without consent of the latter are subject to liability in accordance with the legislation of the Russian Federation.

5. Personal Data processing principles.

5.1. Personal data shall be processed on the legitimate and equitable basis.

5.2. Personal data processing shall be limited to achieving the specific, predefined and legitimate purposes. It is not allowed to process personal data for any purposes which are inconsistent with the purposes of the personal data acquisition.

5.3. It is not allowed to unite databases containing personal data processed for the purposes inconsistent with each other.

5.4. Only personal data that meets the purposes of their processing is subject to processing.

5.5. The content and scope of processed personal data shall comply with the declared processing purposes. The processed personal data shall not be excessive with reference to the declared processing purposes.

5.6. When processing personal data, the Operator ensures its accuracy, sufficiency, and compliance to the purposes of personal data processing. The Operator adopts the necessary measures to delete and update the incomplete or inaccurate data.

5.7. Personal data storage in the format allowing to determine the personal data subject shall be performed only for a period which does not exceed that required for the personal data processing purposes, unless the personal data storage period is established by the federal law. The processed personal data shall be destroyed or depersonalized after achieving the processing purposes or if achieving these purposes becomes irrelevant, unless otherwise provided by the federal law.

6. Conditions of personal data processing.

6.1. The processing of personal data is carried out with the consent of the personal data subjects.

6.2. The personal data processing is necessary to achieve the goals provided for by an international treaty of the Russian Federation or by law for the implementation of the functions, powers and duties imposed by the legislation of the Russian Federation on the Operator.

6.3. The personal data processing is required for administration of justice, the execution of a judicial act, an act of another body or an official subject to execution in accordance with the legislation of the Russian Federation on enforcement proceedings.

6.4. The personal data processing is necessary for the execution of a contract to which a personal data subject is a party, beneficiary, or guarantor as well as for concluding a contract on the initiative of a personal data subject or a contract under which a personal data subject will be a beneficiary or guarantor.

6.5. personal data processing is required to exercise rights and legitimate interests of the Company or third parties, or to achieve socially significant purposes, provided that it does not infringe any rights and liberties of the personal data subject.

6.6. The personal data processing is performed, access of an indefinite range of persons to which is provided by a personal data subject or at his or her request (hereinafter – publicly available personal data).

6.7. Personal data subject to publication or mandatory disclosure in accordance with federal law is processed.

7. Procedure of personal data processing.

The security of personal data processed by the Operator is ensured through the implementation of legal, organizational and technical measures necessary to fully comply with the requirements of the current legislation in the field of personal data protection.

7.1. The Operator ensures the safety of personal data and takes all possible measures to exclude access of unauthorized persons to personal data.

7.2. The User’s personal data will never, under any circumstances, be transferred to third parties, except in cases related to the implementation of the current legislation.

7.3. In case of revealing inaccuracies in personal data, the User can update them independently by sending a notification to the Operator to the Operator’s e-mail address info@go-karelia.com marked “Updating personal data”.

7.4. The term for personal data processing is determined by reaching the purposes for which personal data was collected, unless another term is stipulated by the contract or by the current legislation.

The user can revoke his consent to the processing of personal data at any time by sending a notification to the Operator via e-mail to the Operator’s email address. Info@go-karelia.com marked “Withdrawal of consent to the processing of personal data”

7.5. All information collected by third-party services, including payment systems, communication facilities and other service providers, is stored and processed by these actors (Operators) in accordance with their User Agreement and Privacy Policy. Data Subject and / or User shall be obliged to familiarize themselves with these documents in due course. The Operator is nor responsible for the actions of the third parties, including the service providers specified in this paragraph.

7.6. The restrictions set by a personal data subject on the transfer (except for providing access) as well as on the processing or processing conditions (except for gaining access) of personal data permitted for distribution do not apply in cases of personal data processing in the state, public and other social interests determined by legislation of the Russian Federation.

7.7. While Data processing the Operator ensures the privacy of personal data.

7.8. The Operator stores personal data in a form that makes it possible to determine a personal data subject no longer than the purpose of personal data processing requires unless the personal data storage period is established by a federal law, or a contract to which a personal data subject is a party, beneficiary or guarantor.

7.9. The term for the cessation of personal data processing may happen in the event of reaching personal data processing purposes, in the event of the expiration of the consent of the Data Subject or the withdrawal of said consent, or in the event of unlawful processing of personal data.

8. Personal Data Processing Operations.

8.1. Personal data processing by the Operator includes the following: acquisition, recording, systemization, accumulation, storage, correction (update, change), retrieval, use, transfer (dissemination, submission, access), locking, deleting, destruction.

8.2. The Operator implements personal data automated processing with the receipt and/or transmission of the information received via information and telecommunication networks or without it.

9. Cross-border transfer of Personal Data.

9.1. Before starting the cross-border transfer of personal data, the operator must ensure that the foreign state, to whose territory it is supposed to transfer personal data, provides reliable protection of the rights of subjects of personal data.

9.2. Cross-border transfer of personal data to the territory of foreign countries which do not comply with the above requirements may be performed only with prior written consent of the personal data subject for cross-border transfer of his/her personal data and/or under a contract to which the personal data subject is a party.

10. Personal Data Privacy.

The Operator and other individuals who accessed the personal user data shall not distribute or disclose personal data without the consent of the Data Subject, unless otherwise provided by federal law.

11. Final provisions.

11.1. The user can receive any clarifications on issues of interest regarding the processing of his personal data by contacting the Operator via e-mail info@go-karelia.com

11.2. This document will reflect any changes to the Operator’s personal data processing policy. The policy is valid indefinitely until it is replaced by a new version.

11.3. The current version of the Policy is freely available on the Internet at https://go-Karelia.com/privacy-policy/ .

To top
CALL ME
+
Call me!

Cookies help us deliver our services. By using our services, you agree to our use of cookies. More Information