Purpose of the policy is to declare the principles and approaches of JSC NordStar Airlines in implementation of requirements of Federal Law No. 152-FZ of 27 June 2006 “On Personal Data” regarding processing and security of personal data, duties and liability of the Airline in performance of such processing.
JSC NordStar Airlines ensures complete observance of rights and freedoms of citizens in the processing of personal data, including protection of privacy rights, personal and family secrets.
In the processing of personal data in the Airline, the following principles are strictly observed:
Subjects of personal data processed by the Airline are:
Purposes of processing of personal data in the Airline are:
Access to personal data is limited in accordance with federal laws and local regulations of the Airline.
The Airline does not disclose personal data received by it as a result of its professional activities.
Employees of the Airline, who have access to personal data, assume obligations on ensuring confidentiality of the personal data processed that are defined by:
Access to personal data processed by the Airline on the basis and in the pursuance of regulations is provided to public authorities upon request.
The Airline performs cross-border transfer of personal data in the territory of foreign states only on legal grounds in accordance with the applicable legislation of the Russian Federation and International Agreements. In addition, all requirements for performance of cross-border transfer of personal data provided by the applicable legislation are fulfilled.
The Airline undertakes necessary technical and organizational measures of information security for protection of personal data against unauthorized access, modification, disclosure or destruction by way of internal audits of processes of collection, storage and processing of data and security measures, and by implementation of measures aimed at ensuring physical security of data for prevention of unauthorized access to the systems, where personal data are stored by the Airline.
The Airline takes reasonable measures for maintenance of accuracy and relevance of existing personal data and for deletion of personal data in cases where they become obsolete, unreliable or redundant, or if objectives of processing thereof are achieved. Subjects of personal data are responsible for providing to the Airline of reliable information, as well as for timely updating of the provided data in case of any changes.
If the subject of personal data states his/her willingness to find out, what personal data about him/her the Airline has at its disposal, as well as to supplement, correct, impersonate or delete any incomplete, inaccurate or obsolete personal data, or stop processing of his/her personal data by the Airline, the subject has the right in accordance with the applicable legislation to exercise such a right by contacting the Airline.
In order to fulfill requests from subjects of personal data the Airline may require establishment of identity and request additional information confirming the subject’s participation in the relations with the Airline, or information otherwise confirming the fact of processing of personal data by the Airline. In addition, the applicable legislation may impose restrictions and other conditions relating to the above rights of subjects of personal data.
If the subject has additional questions or suggestions regarding this Policy, he/she can contact the Airline at any time at the following address: email@example.com
Contacts for handling subjects on the processing of personal data:
11, Staropetrovskiy proezd, building 2, Moscow, Russia, 125130
8-800-700-8-007 (calls within Russia are free)
+7 (495) 783-00-42