POLICY OF OST TRAVEL VITA LIMITED LIABILITY COMPANY IN THE FIELD OF PROCESSING AND PROTECTION OF PERSONAL DATA

/ POLICY OF OST TRAVEL VITA LIMITED LIABILITY COMPANY IN THE FIELD OF PROCESSING AND PROTECTION OF PERSONAL DATA

Article I. GENERAL PROVISIONS

In the process of carrying out its statutory activities, Ost Travel Vita Limited Liability Company (hereinafter – the Company) processes personal data. When processing personal data (hereinafter also referred to as PD), the Company considers the observance of the principles of legality, justice and confidentiality in the processing of personal data to be its most important tasks. The company is responsible for maintaining the confidentiality and security of processed personal data.

This Policy on the of personal data protection in Ost Travel Vita LLC (hereinafter – the Policy) ensures the implementation of legal requirements of the Russian Federation in the field of personal data processing of personal data subjects. The Policy discloses the main categories of personal data processed by the Company, purposes, methods and principles of processing by the Company of personal data, the rights and obligations of the Company in the personal data processing, the rights of the personal data subjects, as well as the measures applied by the Company to ensure the security of personal data during their processing.

This Policy applies to all cases of personal data processing by the Company, regardless of whether the processing of personal data is automated or nAdd a translation in DEon-automated, whether it is performed manually or automatically.

This Policy is an internal local regulation of the Company and is binding upon all divisions and employees of the Company.

Every employee, newly hired by the Company during the first induction training should be familiar with this Policy.

This Policy is approved by the Director of the Company, which monitors compliance with the Policy in the Company.

The validity of this Policy is three years after its approval. The Policy is subject to review at least once every three years. The new version of the revised Policy is approved by the Director of the Company. *

Responsibility for this Policy updating and ongoing control over the implementation of the Policy is vested in an authorized employee appointed by order of the Company, who is responsible for organizing the processing and protection of personal data.

Based on the requirements of this Policy, the Company develops all internal local regulations and other documents of the Company related to the personal data processing.

This Policy is a public document. To ensure unrestricted access to the document, the text of this Policy is posted on the accessible to the public website: www.osttravelvita.com

 

Article II. GENERAL DEFINITIONS

Policy – is approved by the Director of the Company an internal local regulation – “Policy of Ost Travel Vita Limited Liability Company on the protection of personal data”.

Personal data (PD) – any information relating directly or indirectly to a specific or determinable individual – the subject of personal data.

Personal data processing – is any action with personal data that is performed using automation equipment or without using such equipment.

Personal data subject – is an identified or unidentified individual in relation to whom personal data is processed.

Employee – an individual (personal data subject) who has concluded an employment agreement with the Company.

Applicant – is an individual (personal data subject) who has submitted his personal data to the Company with a proposal to conclude an employment agreement.

Partner – is a legal entity or an individual entrepreneur, a personal data operator with whom the Company has a contractual relationship, in discharge of obligations on which the Partner puts the Company, as a third party, in charge of PD processing of Clients.

Client – an individual – the customer of a tourism product (personal data subject), who has concluded with the Company or the Partner a tourism product sales agreement formed by the Company; or an individual – a tourist (personal data subject), on behalf of whom the customer of the tourism product concluded with the Company or the Partner a tourism product sales agreement, which is formed by the Company.

Other individual – is an individual (personal data subject) who has concluded with the Company an agreement for the provision of a certain type of service or work, or an employee of the Partner.

Visitor – is an individual (personal data subject) who is not an Employee and who has legally obtained admission to the premises of the Company.

Authorized employee – is an employee appointed by the order of the Company Director responsible for information security and protecting personal data.

Distribution of personal data – actions aimed at the disclosure of personal data to the public.

Provision of personal data – actions aimed at the disclosure of personal data to a specific person or a specific group of people.

Cross-border transfer of personal data – is the transfer of personal data to the territory of a foreign state to a foreign government authority, a foreign individual or a foreign legal entity.

 

Article III. FUNDAMENTAL PROVISIONS

  1. Legal basis for PD processing

The Company is obliged to carry out processing of personal data only on legitimate and equitable basis.

The Policy of the Company in the field of personal data processing is determined in accordance with the following laws and regulations of the Russian Federation:

Constitution of the Russian Federation

Labor Code of the Russian Federation

Civil Code of the Russian Federation

Tax Code of the Russian Federation

Federal Law dated 19.12. 2005 No. 160-FZ “On ratification of the Council of Europe Convention for the protection of individuals with regard to automatic processing of personal data”

Federal Law dated 27.07.2006 No. 152-FZ “On personal data”

Federal Law dated 27.07.2006 No. 149-FZ “On information, information technologies and information protection”

Federal Law No. 132-FZ, dated 24.11.1996, “On the bases of tourist activity in the Russian Federation”

Federal Law No. 2300-1 dated 07.02.1992 “On the protection of consumer rights”

Federal Law dated 29.11.2010 No. 326-FZ “On compulsory medical insurance in the Russian Federation”

Federal Law dated 15.12.2001 No. 167-FZ “On compulsory pension insurance in the Russian Federation”

Federal Law dated 16.07.1999, No. 165-FZ “On the basis of compulsory social insurance”

Federal Law No. 14-FZ dated 08.02.1998, “On limited liability companies”

By the Decree of the Government of the Russian Federation of November 01, 2012 No. 1119 “On approval of requirements for the personal data protection when it is processed in personal data information systems”

By the Decree of the Government of the Russian Federation of September 15, 2008, No. 687 “On approval of the regulations on the specifics of personal data processing performed without the use of automation means”.

The processing of personal data cannot be used by the Company or its Employees for the purpose of causing property and moral damage to personal data subjects, of complicating the exercise of their rights and freedoms.

The processing of personal data in the Company should be limited to the achievement of legal, specific and predetermined purposes. Only those personal data are subject to processing, and only to the extent that meet the purposes of their processing.

All local regulations adopted by the Company governing the processing of personal data in the Company are developed on the basis of this Policy.

  1. Purposes of PD processing

The Company carries out the personal data processing exclusively for the purpose of:

  1. a) performing the functions assigned to the Company by the Charter and the legislation of the Russian Federation in accordance with the regulations specified in clause 1 of Article 3 of the Policy;
  2. b) organizing the accounting of Employees and the Founder of the Company in accordance with the requirements of laws and other laws and regulations, assisting them in career progress and employment, in training, for the provision of medical insurance and for providing them with other benefits and compensations;
  3. c) making decisions on concluding an employment agreement with the Applicant;
  4. d) fulfillment of the obligations of the Company and the exercise of the rights of the Company under the tourism product sales agreements concluded with the Clients in accordance with the provisions of the Federal Law No. 132-FZ of 24.11.1996, “On the bases of tourist activity in the Russian Federation”;
  5. e) fulfillment of the obligations of the Company and the exercise of the rights of the Company under concluded agreements, the party or the beneficiary, or the guarantor of which is the Client, and also for the conclusion of agreements at the initiative of the Client or agreements under which the Client will be the beneficiary or surety;
  6. g) fulfillment of the obligations of the Company and the exercise of the rights of the Company under the tourism product sales agreements concluded with the Partners in accordance with the norms of the Civil Code of the Russian Federation and the Federal Law No. 132-FZ of 24.11.1996, “On the bases of tourist activity in the Russian Federation”;
  7. h) fulfillment of the obligations of the Company and the exercise of the rights of the Company under agreements concluded with other individuals or legal entities in accordance with the norms of the Civil Code of the Russian Federation;
  8. i) fulfillment of the obligations of the Company and the exercise of the rights of the Company in legal proceedings on a claim of Employees, Clients or Partners against the Company, or on claims of the Company against Employees, Clients or Partners under the Civil Procedure Code of the Russian Federation, the Arbitration Procedure Code of the Russian Federation, the Code of the Russian Federation on Administrative Offences;
  9. j) fulfillment of the obligations of the Company and the exercise of the rights of the Company in the course of pre-court dispute settlement procedure on complaint of Employees, Clients or Partners against the Company, or complaints of the Company against Employees, Clients or Partners under the Civil Procedure Code of the Russian Federation, the Federal Law No. 132-FZ of 11.24.1996, “On the bases of tourist activity in the Russian Federation”, the Civil Procedure Code of the Russian Federation, the Arbitration Procedure Code of the Russian Federation, the Code of the Russian Federation on Administrative Offences;
  10. k) personal data processing, access to an unlimited number of persons to which is provided by the Employee or the Client or at their request;
  11. l) implementation of marketing and advertising actions in order to establish and further develop relations with Customers and Partners:

In the Company, only those personal data are processed that meet the above purposes of their processing. Personal data are not subject to processing in case of discrepancy of their nature and volume to these purposes.

The Company does not process special categories of personal data regarding race, nationality, political views, religious or philosophical beliefs, intimate life, or criminal records.

In the event that in order to achieve the above purposes of processing personal data, the Company needs to process biometric personal data, or related to the state of health, then such processing is carried out only on the basis of the consent of the personal data subject. Processing of special categories of personal data should be stopped immediately if the reasons due to which it was carried out are eliminated.

  1. Access of employees to PD processing

Personal data in the Company can be processed only by authorized employees in the established manner.

Employees are allowed in the Company to process personal data only by the decision of the director.

Employees who are allowed in the Company to process personal data have the right to start working with personal data only after familiarizing against receipt with local regulations governing the processing of PD in the Company.

Employees who engaged personal data processing in the Company must act in accordance with the job descriptions, regulations and other administrative documents of the Company, and comply with the requirements of the Company to maintain confidentiality.

  1. Acquisition of PD, their categories, processing and storage periods

The Company receives personal data only on the basis that the personal data subject decides to provide the Company with his personal data and agrees to its processing freely, by his will and in his interest. The consent to the processing of personal data must be specific, informed and conscious. The consent to the processing of personal data may be given by the personal data subject or his representative in any form to confirm the fact of its receipt. As a rule, such consent is given upon conclusion of written agreements with the Company or our Partners, or in the form of the performance by the personal data subject of a specific action on the website of the Company or our Partners.

The consent to the personal data processing may be revoked by the personal data subject.

The Company processes the following categories of personal data:

  1. a) Personal data of the Employees and the Founder. Acquisition source: from the personal data subjects, on the basis of concluded employment agreements and the Federal Law No. 14-FZ dated 08.02.1998 “On limited liability companies”.
  2. b) Personal data of Customers. Acquisition source: from the subjects of personal data or Partners,

on the basis of concluded agreements.

  1. c) Personal data of the Partners and their representatives. Acquisition source: from the personal data subjects or Partners, on the basis of concluded agreements.
  2. d) Personal data of Visitors. Acquisition source: from the subjects of personal data.
  3. e) Personal data of Applicants. Acquisition source: from the subjects of personal data.

The periods of processing and storage of personal data are determined in accordance with the duration of the agreement with the subject of personal data, the limitation period, the storage periods for documents established by Order of the Ministry of Culture of the Russian Federation of August 25, 2010 No. 558 “On approval of the list of standard management archival documents generated in the course of activities of state authorities, local authorities and organizations with the indication of storage terms”, other requirements of the legislation and regulatory documents, as well as the term of the consent granted by the subject for personal processing, in cases where such consent must be provided in accordance with the requirements of the law.

  1. PD transfer to third parties

The transfer of personal data is carried out by the Company solely to achieve the purposes stated for the personal data processing in clause 2 of this article of the Policy.

The personal data transfer to third parties is carried out either with the written consent of the personal data subject, which is executed in the form prescribed by law, or for the execution of a contract to which the personal data subject is a beneficiary or guarantor, as well as for the conclusion of an agreement on the initiative of the personal data subject or agreement under which the personal data subject will be the beneficiary or guarantor, or in cases where it is necessary in order to prevent threats to life and health of the personal data subject; or in other cases established by federal law.

The personal data transfer to third parties is carried out by the Company only on the basis of an appropriate agreement with a third party, the essential condition of which is the obligation to ensure the confidentiality of personal data and the security of personal data by a third party during its processing.

The Company carries out cross-border transfer of the Client’s personal data on the territory of foreign states taking into account the list of states approved by the authorized body for the protection of the rights of personal data subjects.

The Company carries out cross-border transfer of the Client’s personal data on the territory of foreign states, but also on the territory of foreign states that do not provide adequate protection of the rights of personal data subjects, only on the following grounds:

– the written consent of the Client for the cross-border transfer of his personal data;

– execution of an agreement to which the Client is either the beneficiary or guarantor, as well as for the conclusion of the agreement at the initiative of the Client or the agreement by which the Client will be the beneficiary or guarantor;

In order to comply with the legislation of the Russian Federation, in order to achieve processing purposes, as well as in the interests and with the consent of the subjects of personal data, the Company in the course of its activities provides personal data to the following third parties.

  1. a) The personal data of the Employees and the Founder on the basis of the employment agreement and/or written consent are transferred to the following organizations:

– To the Bank – for issuing a non-cash account to which the Company will transfer the salary and other income of the Employee and the Founder, provided that the Company informs the Employer and the Founder of the name and address of the bank in advance.

– To credit organizations, to which the Employee and the Founder applied for credits, loans or other services, provided that the Employer and the Founder will inform the Employer in advance of the names of the referred credit organizations.

– To the insurance company – for the execution of a voluntary medical insurance policy, provided that the Company informs the Employer in advance of the name and address of the insurance company.

– To printing organization or printing house – for the production of business cards of the Employee and the Founder, provided that the Company informs them in advance of the name and address of this printing company.

– To the Landlord – for issuing to an Employee and the Founder a pass to the territory and to the building in which the Company’s office is located, provided that the Company informs them in advance of the name and address of the given Landlord.

– To a private security company that protects the premises in which the Company’s office is located, provided that the Company informs the Employer and the Founder in advance of the name and address of this private security company.

– To the Partners of the Company – for the fulfillment of the obligations assigned to the Company by agreements and other legal transactions, the performance of which is provided for by the official duties of the Employee, provided that the Company informs the Employer in advance of the names and addresses of these organizations.

– To Embassy and consular representations of foreign countries, to visa centers – for the Company to fulfill official inquiries regarding the issue of entry visas to the Employee, provided that the Employee gives in advance of the names of these organizations.

– To tax authorities (Interdistrict Inspectorate of the Federal Tax Service of Russia No. 8 for Kaliningrad), the Office of the Pension Fund of the Russian Federation for the Kaliningrad Region, divisions of the Federal Migration Service of Russia (DFMS of Russia for the Kaliningrad Region), the Representative Office of the Russian Ministry of Foreign Affairs in Kaliningrad – – to fulfill obligations, assigned to the Company by legislative and regulatory acts, as well as the execution of legitimate official requests concerning the Employee.

  1. b) The personal data of the Clients in accordance with the written agreement concluded with them by the Company or the Partners and/or with the written consent of the personal data subject, the Company, based on the agreements, transfers to the following third parties:

– To banks – for non-cash transfer of funds to pay for services ordered by the Client.

– To credit organizations to which the Client, through the intermediary of the Company, applied for a loan to pay for the tourist services ordered by him.

– To tax and law enforcement authorities – for the fulfillment of obligations imposed on the Company by laws and regulations, as well as the execution of legitimate official requests regarding the Client;

– To Russian and foreign organizations organizing and/or carrying out air and/or rail and/or motor transportation of Clients.

– To Russian and foreign tourism industry enterprises – in organizations engaged in tour operator and/or travel agent activities, in hotels and/or other accommodation facilities, in organizations engaged in sanatorium-resort treatment, providing cognitive, business, medical and health-related, physical and other assignment, services of guides, guide-translators and instructors-guides.

– To Embassy and consular representations of foreign countries and/or visa centers, for the fulfillment by the Company of contractual obligations for obtaining entry visas for Clients in the country of temporary residence.

– To Russian and foreign organizations organizing and/or providing property insurance for the interests of Clients and their financial risks.

  1. Acquisition by the Company as a third party of personal data from the Partners

The acquisition of personal data of Clients from Partners – operators of personal data – is carried out by the Company solely to achieve the purposes stated for the processing of personal data in clause 2 of this article of the Policy, and on the basis of written agreements concluded with Partners.

The text of agreements with Partners necessarily defines the purposes of the personal data processing, the list of operations with them, and establishes the obligation of the Company to maintain the confidentiality of personal data and ensure the security of personal data during its processing, as well as the requirements for the protection of processed personal data.

The Company, when processing personal data on behalf of the Partner, is not required to obtain the consent of the personal data subject to the processing of his personal data. In this case, the Partner is liable to the subject of personal data for the actions of the Company. The Company, processing personal data on behalf of the Partner, is responsible to the Partner.

  1. Measures to ensure the security of personal data during their processing

Prior to the processing of personal data, the Company took legal, technical and organizational measures to protect personal data from unauthorized or accidental access, destruction, alteration, blocking, copying, provision, distribution, as well as from other illegal actions in relation to them. The security of personal data is achieved, in particular, in the following ways:

By introducing in the Company a regime of confidentiality of personal data, when all documents and information containing information about personal data are confidential in the Company.

By organizing a security regime for the premises in which information systems are located that impedes the possibility of uncontrolled entry or stay in these premises of persons who do not have access to these premises.

By approving a complete list of personal data and other objects to be protected in the Company.

By ensuring the non-distribution of documents and details containing information about personal data, without the consent of the personal data subject, or the presence of another legal basis.

 

 

 

By designating an authorized employee responsible for organizing the processing of personal data.

By introducing personal responsibility of the leaders of the Company and its divisions for ensuring the security regime of personal data during their processing.

By approving the list of persons who process personal data in the Company or have access to it.

By determining the type of threats to the security of personal data relevant to the information systems of the Company, taking into account the assessment of possible harm that may be caused to the personal data subjects.

By the development and approval of local regulations governing the obligations of officials involved in the PD processing and protection, their responsibility for compromising personal data (see the List of organizational and administrative documents and local regulations governing the processing of personal data at Ost Travel Vita LLC attached to the Policy).

By the implementation of internal control and audit of the conformity of personal data processing to the Federal Law of 27.07.2006 No. 152-FZ “On personal data” and legal regulations adopted in accordance with it, requirements for the protection of personal data, local regulations.

By prohibition of Employees engaged in the processing of personal data to carry out unauthorized or unregistered copying of personal data, including using removable storage media, mobile devices for copying and transferring information, communication ports and input-output devices that implement various interfaces (including wireless), storage devices of mobile equipment (e.g. laptops, personal digital assistants, smartphones, mobile phones) as well as photo and video recording devices.

By ensuring the safety of personal data storage media.

By using information protection tools that have passed the procedure for assessing compliance with the requirements of the legislation of the Russian Federation in the field of information security, in the case when the use of such means is necessary to neutralize current threats.

By familiarizing the Company’s Employees directly processing personal data with the provisions of the legislation of the Russian Federation on personal data, including the requirements for the protection of personal data, local regulations regarding the personal data processing, and the training of these employees.

By allocation of specific places of storage of personal data (tangible media), the processing of which is carried out by the Company and the organization of a regime for ensuring the security of premises and places of storage of PD material carriers.

By providing separate storage of personal data (tangible media), the processing of which is carried out without the use of automation equipment and for various purposes.

By the implementation of accounting documents for processing personal data without the use of automated systems to individual records management, storage of documents marked “personal data” in a securely locked cabinet and safe, the keys to which are stored only at the employees responsible for this activity.

By determining the threat of personal data security at their processing within the information systems of personal data.

By applying organizational and technical measures to ensure the security of personal data during their processing in personal data information systems, necessary to fulfill the requirements for the protection of personal data.

By the evaluating the effectiveness of measures taken to ensure the security of personal data prior to the commissioning of the personal data information system.

By accounting for personal data medium.

By identifying the facts of unauthorized access to personal data and taking appropriate measures.

By restoring personal data modified or destroyed due to unauthorized access to them.

By establishing rules for access to personal data processed in the personal data information system, as well as by ensuring the registration and recording of all actions performed with personal data in the personal data information system.

By providing access to the contents of the electronic message journal exclusively for Employees of the Company or an authorized employee for whom the information contained in the specified journal is necessary for the performance of employment duties.

By monitoring the measures taken to ensure the security of personal data and the level of security of personal data information systems.

  1. Rights and obligations of a PD subject

The personal data subject has the right:

 

 

 

– to receive information about the Company, its location, the availability of personal data of the Company related to the relevant personal data subject, as well as to get acquainted with such personal data;

– to require the Company to clarify its personal data, block or destroy it if the personal data is incomplete, outdated, inaccurate, illegally obtained or is not necessary for the stated purpose of processing;

– to demand the termination of the processing of their personal data;

– to receive information regarding the processing of his personal data, and specifically containing: confirmation of the fact of processing personal data by the Company, as well as the purpose of such processing; personal data processing methods used by the Company; information about persons who have access to personal data or who may be granted such access; a list of processed personal data and the acquisition source; terms for processing personal data, including periods for their storage; information about what legal consequences for the subject of personal data may entail the processing of his personal data;

The right of a personal data subject to access his personal data may be limited in accordance with federal laws, in particular, in the following cases:

– If the processing of personal data, including that obtained as a result of investigative, counterintelligence and intelligence activities, intelligence activities, is carried out in order to strengthen the country’s defense, ensure state security and law enforcement.

– Provided that the processing of personal data is carried out by the authorities that detained the subject of personal data on suspicion of committing a crime, or brought a criminal charge against the subject of personal data, or applied a preventive measure to the subject of personal data before the charge, with the exception of cases provided for by the criminal procedure legislation of the Russian Federation when it is permitted to familiarize a suspect or accused with such personal data.

– If the processing of personal data is carried out in accordance with the legislation on combating the legalization the legalization (laundering) of proceeds obtained by criminal means, and the financing of terrorism.

– When the access of the subject of personal data to his personal data violates the rights and legitimate interests of third parties.

– If the processing of personal data is carried out in cases provided for by the legislation of the Russian Federation on transport security, in order to ensure the stable and safe functioning of the transport complex, protect the interests of the individual, society and the state in the field of the transport complex from acts of unlawful interference.

In order to exercise his rights and protect legitimate interests, the subject of personal data has the right to contact the Company. The Company considers any appeals and complaints from the subjects of personal data, thoroughly investigates the facts of violations and takes all necessary measures to eliminate them immediately, punish the guilty persons and resolve disputed and conflict situations in pre-trial procedure.

The personal data subject has the right to appeal against the actions or inaction of the Company by contacting the authorized body for the protection of the rights of personal data subjects.

The personal data subject has the right to protect his rights and legitimate interests, including compensation for losses and/or compensation for non-pecuniary damage in court.

The personal data subject is obliged to provide only reliable and complete personal data, which, if necessary, must be documented.

  1. Procedure for provision of information to a personal data subject

Access to his personal data is provided to the personal data subject or his legal representative by the Company upon request or upon receipt of a request from the personal data subject or his legal representative. The request must contain the number of the main document proving the identity of the personal data subject or his legal representative, information about the date of issue of the said document and the authority that issued it and his own signature of the personal data subject or his legal representative. The request may be sent in electronic form and signed by an electronic digital signature in accordance with the legislation of the Russian Federation.

The Company informs the personal data subject or its legal representative on the availability of personal data related to the corresponding personal data subject, as well as provide the opportunity to get acquainted with them when applying to the subject of personal data or his legal representative or within ten business days from the date of receipt of the request of the subject of personal data or its legal representative.

The right of the subject of personal data to access his personal data is limited if the provision of personal data violates the constitutional rights and freedoms of others.

Unlawful refusal to provide documents collected in the prescribed manner containing personal data, or untimely provision of such documents or other information in cases provided for by law, or the provision of incomplete or knowingly false information may result in the imposition of an administrative fine on officials in the amount determined by the Code of Administrative Offences.

You can use the capabilities of our website www.osttravelvita.com to book certain tourist services. At the same time, providing Ost Travel Vita LLC with your personal data and performing relevant actions – clicking “I agree”, you express your consent and give by your will the permission to process your personal data in the manner prescribed by this Policy. If you do not agree with the provisions of this Policy, we ask you to refrain from using this website and transferring your personal data to Ost Travel Vita LLC.

  1. Responsibility for PD security

The Company is responsible for the development, introduction and effectiveness of the relevant legislation requirements governing the receipt, processing and protection of personal data. The Company assigns the personal responsibility of the Employees to compliance with the confidentiality regime established by the Company.

The head of the division is personally responsible for compliance by the Employees of his division with the rules governing the receipt, processing and protection of personal data. The head, permitting the access of an employee to documents and information containing personal data, is personally responsible for this access permit.

Each Employee of the Company receiving a document containing personal data for work is solely responsible for the safety of the medium and confidentiality of information.

The Employees guilty of violating the rules governing the receipt, processing and protection of personal data bear disciplinary, administrative, civil or criminal liability in accordance with federal laws.

The Company is not liable for losses and other costs incurred by the personal data subjects as a result of their provision of false and incomplete personal data.

Article IV. INFORMATION ABOUT THE COMPANY AND CONTROL BODIES

  1. The Company:

Ost Travel Vita Limited Liability Company (Ost Travel Vita LLC)

OGRN (Principle State Registration Number) /INN (Tax Identification Number) 1193926003490/3906378245

Legal address: 236001, Kaliningrad city, Gorkogo st., 176G (Г), litter VI of lit. A

Actual address, postal address: 236022, Kaliningrad city, Pugacheva st.,16, office 217,

Telephone: (495) 960-97-41, osttravelvita.com, e-mail: incoming@osttravelvita.com

The Company is a tour operator for international outbound tourism, registration number РТ0000430 in the Unified Federal Register of Tour Operators, assigned by the Federal Agency for Tourism.

The Company is the operator of personal data.

The responsible for the organization of processing and ensuring the security of personal data in the Company is the Director General Denisova Violletta Ivanovna, tel.: (495) 960-97-41, e-mail: incoming@osttravelvita.com

If you still have questions after considering this Policy, you can get clarification on all questions you are interested in by sending an official request to the person responsible for organizing the processing and security of personal data, as well as by e-mail to incoming@osttravelvita.com or to the address: 236001, Kaliningrad city, Gorkogo st., 176G (Г), litter VI of lit. A.

  1. Controlling organizations authorized in the field of protection of the rights of personal data subjects:

– The Federal Service for Supervision of Communications, Information Technology and Mass Media (Roskomnadzor):

Address: 109074, Moscow, Kitaygorodskiy pr., 7, bld. 2.

Reference and Information Centre: tel.: (495) 987-68-00; fax: (495) 987-68-01.

Roskomnadzor Office for the Protection of the Rights of Personal Data Subjects: tel.: (495) 987-68-57.

The general email address of Roskomnadzor is rsoc_in@rsoc.ru

Directorate of the Federal Service for Supervision of Communications, Information Technology and Mass Media for Kaliningrad region (Roskomnadzor):

Kaliningrad city, Kommunalnaya st., house 4, Kaliningrad, tel.: (4012) 45-15-50, fax: (4012) 93-00-82, e-mail: kaliningradugsn@balnet.ru

Directorate of the Federal Service for Supervision of Communications, Information Technology and Mass Media for the Central Federal District (including the territorial authority of Roskomnadzor in Moscow and Moscow region)

Postal address: 117997, Moscow city, Starokashirskoe shosse, h. 2, bld. 10, GSP-7 (Municipal Post Office)

Reception office: tel.: (495) 957-08-20

Administrative office: tel.: (495) 957-08-50, (495) 957-08-51; fax: (495) 957-08-48

E-mail address: rsockanc77@rsoc.ru

2024 OST TRAVEL VITA Ltd.

Personal Data Processing Policy
+7 495 960 97 41 +7 906 233 53 06
incoming@osttravelvita.com

Request

or