Approved by order of the General Director
JSC ‘’Central Hotel’ №116 / 1 dated January 02, 2016
1. GENERAL TERMS AND DEFENITIONS
1.1. The following definitions are used in terms listed below:
1.1.1. ‘’Personal data’’ -- any information relating to an identified or identifiable natural person (‘‘data subject’’); an identifiable natural person is one who can be identified, directly or indirectly.
1.1.2. ‘‘Personal data Processing’’ -- any operation or set of operations performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, structuring, storage, adaptation (updating or alteration), retrieval, use, transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
1.1.3. ‘‘Controller’’ -- a person who performs any operation or set of operations performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, structuring, storage, adaptation (updating or alteration), retrieval, use, transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
1.1.3. ‘’Confidentiality of personal data’’ refers to a requirement for a Controller or another person who has obtained access to personal data to prevent its dissemination without the consent of the personal data subject or the other legal grounds availability.
1.1.4. ‘‘Cookies’’ -- small pieces of data stored on the User's computer which the web client or web browser each time sends to the web server in an HTTP request when websites are loaded in a browser.
1.1.5. ‘’IP-address’’ -- a unique network address used to identify a node in the network built over the Internet Protocol Address.
2. GENERAL PROVISIONS
2.3. Website administration does not verify the accuracy of the personal data provided by the Hotel website User.
3. POLICY SUBJECT
4. PURPOSE FOR PERSONAL DATA COLLECTION
4.1. The User’s personal data may be used by the Hotel Administration to:
4.1.1. To place an order and / or enter into a Service Agreement by remote method.
4.1.2. Feedback, sending notifications, inquiries regarding the use of the Hotel Website, provision of services, processing requests and requests from the User.
5. METHODS AND TERMS OF PERSONAL DATA PROCESSING
5.1. Categories of personal data subjects.
The personal data of the following personal data subjects are processed:
- natural persons who are users of the Hotel Website.
5.2. Personal data processed by the Operator:
- data obtained from users of the Hotel Website.
5.3. The processing of the User’s personal data is carried out in the information systems of personal data in any legal way, whether or not by automated means.
5.4. All personal data should be received from the User. If the User’s personal data can be only obtained from a third party, the User must be notified of this or consent must be obtained from him.
5.5. The User agrees that the Site Administration has the right to transfer personal data to third parties solely in order to fulfill the User’s order, in particular, courier services, postal organizations, telecommunication operators.
5.6. User's personal data may be transferred to the agency of inquiry and investigation, and other authorized bodies according to the procedures established by the legislation of the Russian Federation
5.7. In case of loss or disclosure of personal data, the Site Administration informs the User about the loss or disclosure of personal data.
5.8. The site administration takes the necessary organizational and technical measures to protect the User’s personal information from unlawful or accidental access, destruction, alteration, blocking, copying, dissemination, as well as from other illegal actions of third parties.
5.9. The site administration jointly with the User takes all necessary measures to prevent losses or other negative consequences caused by the loss or disclosure of the User’s personal data.
5.10. Storage of personal data.
The personal data of the subjects can be obtained, processed and transferred for storage both in hard copy and electronically.
5.10.1. Personal data in hard copy is stored in lockable cabinets or in lockable rooms with limited access rights.
5.10.2. The subjects personal data processed by automated means is stored in different folders.
5.10.3. Personal data storage for any purpose or purposes shall not be kept longer than necessary for that or those purposes. Personal data must be destroyed upon reaching the processing goals or in case of loss of the need to achieve them.
5.11. Destruction of personal data.
5.11.1. The destruction of documents (carriers) containing personal data is carried out by burning, crushing (grinding), chemical decomposition, transformation into a shapeless mass or powder. The use of a shredder is allowed for the hard copy destruction.
5.11.2. Personal data stored on electronic media is destroyed by deletion or formatting the media.
5.12. Transfer of personal data.
The Hotel transfers personal data to third parties in the following cases:
- the subject has consented to such actions;
- the transfer is provided for by Russian or other applicable law within the procedure established by law.
6. OBLIGATIONS OF THE PARTIES
6.1. User must:
6.1.1. Provide information about personal data required to the Hotel Website use.
6.1.2. Update and supplement the information provided on personal data in case of change in this data.
6.2. The Administration is obliged to:
6.2.3. Take precautions to protect the confidentiality of the User’s personal data in accordance with the procedure normally used to protect this type of information.
6.2.4. Block the User's personal data immediately after receiving a request from the User or their legal representative or a relevant authority for the protection of the User's personal data while it is being checked in case invalid data or unauthorized activities are detected.
7. LIABILITIES OF THE PARTIES
7.2. In case of loss or disclosure of Confidential Information, the Administration does not bear responsibility if the given information:
7.2.1. Became public domain before its loss or disclosure.
7.2.2. It was received from a third party before it was received by the Administration.
7.2.3. It was disclosed with the consent of the User.
8. DISPUTE RESOLUTION
8.1. Before taking any claim to court regarding a dispute arising from the relationship between the User and the Administration, it is obligatory to submit a claim (a proposal in writing form).
8.2. Within 30 calendar days from the date of the claim receipt, the recipient notifies the claimant in writing form of the results of reviewing the claim.
8.3. If an agreement is not reached, the dispute will be referred to the Arbitration Court of the Bryansk Region.
9. ADDITIONAL TERMS