Personal Data Processing Policy
1. General Provisions
This Personal Data Processing Policy is drafted in accordance with the requirements of Federal Law No. 152-FZ of 27.07.2006 “On Personal Data” (hereinafter referred to as the Personal Data Law) and defines the procedure for processing personal data and the measures taken to ensure the security of personal data by LLC “SunJet” (hereinafter referred to as the Operator).
1.1. The Operator considers respect for human and civil rights and freedoms in the processing of personal data, including the protection of the rights to privacy and to personal and family secrets, to be its most important goal and a mandatory condition for conducting its activities.
1.2. This Policy of the Operator regarding the processing of personal data (hereinafter referred to as the Policy) applies to all information that the Operator may obtain about visitors of the website http://sunjet.ac.
2. Basic Terms Used in the Policy
2.1. Automated processing of personal data — processing of personal data using computing equipment.
2.2. Blocking of personal data — temporary suspension of personal data processing (except in cases where processing is necessary to clarify personal data).
2.3. Website — a collection of graphic and informational materials, as well as computer programs and databases, ensuring their accessibility on the Internet at the network address http://sunjet.ac.
2.4. Personal data information system — a set of personal data contained in databases, as well as information technologies and technical means ensuring their processing.
2.5. Depersonalization of personal data — actions that make it impossible to determine, without the use of additional information, whether the personal data belongs to a specific User or another personal data subject.
2.6. Processing of personal data — any action (operation) or set of actions (operations) performed with or without the use of automation tools with personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, modification), retrieval, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction of personal data.
2.7. Operator — a state or municipal authority, legal or natural person independently or jointly with others organizing and/or performing the processing of personal data, as well as determining the purposes of personal data processing, the composition of personal data to be processed, and actions (operations) performed with personal data.
2.8. Personal data — any information relating directly or indirectly to an identified or identifiable User of the website http://sunjet.ac.
2.9. Personal data permitted by the personal data subject for dissemination — personal data to which the personal data subject has provided access to an unlimited number of persons by giving consent for the processing of personal data permitted for dissemination in the manner established by the Personal Data Law (hereinafter — personal data permitted for dissemination).
2.10. User — any visitor of the website http://sunjet.ac.
2.11. Provision of personal data — actions aimed at disclosing personal data to a specific person or group of persons.
2.12. Dissemination of personal data — any actions aimed at disclosing personal data to an indefinite circle of persons (transfer of personal data) or making personal data available to an unlimited number of persons, including publishing them in the media, posting in information and telecommunication networks, or providing access to personal data in any other way.
2.13. Cross-border transfer of personal data — transfer of personal data to the territory of a foreign state, a foreign authority, a foreign individual, or a foreign legal entity.
2.14. Destruction of personal data — any actions that result in the irreversible destruction of personal data with no possibility of further restoration of their content in the personal data information system and/or the destruction of tangible media of personal data.
3. Basic Rights and Obligations of the Operator
3.1. The Operator has the right to:
— receive from the personal data subject accurate information and/or documents containing personal data;
— continue processing personal data without the consent of the personal data subject if such grounds are specified in the Personal Data Law, including cases of withdrawal of consent or submission of a request to cease processing;
— independently determine the composition and list of measures necessary and sufficient to ensure the fulfillment of obligations established by the Personal Data Law unless otherwise provided by federal laws.
3.2. The Operator must:
— provide the personal data subject, upon request, with information regarding the processing of their personal data;
— organize personal data processing in accordance with the legislation of the Russian Federation;
— respond to requests and inquiries of personal data subjects and their legal representatives as required by the Personal Data Law;
— submit required information to the authorized body for the protection of personal data subjects within 10 days from receiving the request;
— publish or otherwise ensure unlimited access to this Personal Data Processing Policy;
— take legal, organizational, and technical measures to protect personal data from unlawful or accidental access, destruction, alteration, blocking, copying, provision, dissemination, as well as from other unlawful actions;
— cease the transfer (distribution, provision, access) and processing of personal data, and destroy personal data, in cases established by the Personal Data Law;
— fulfill other obligations provided for by the Personal Data Law.
4. Basic Rights and Obligations of Personal Data Subjects
4.1. Personal data subjects have the right to:
— receive information related to the processing of their personal data, except as provided by federal laws. The information is provided by the Operator in an accessible form and must not include personal data relating to other subjects, unless there are legal grounds for disclosure. The list of information and procedure for obtaining it is established by the Personal Data Law;
— demand clarification, blocking, or destruction of their personal data if such data are incomplete, outdated, inaccurate, unlawfully obtained, or unnecessary for the stated processing purpose;
— require prior consent for the processing of their personal data for the purpose of marketing goods, works, and services;
— withdraw consent to the processing of personal data or request the cessation of their processing;
— appeal unlawful actions or inaction of the Operator in relation to their personal data to the authorized body or in court;
— exercise other rights established by Russian legislation.
4.2. Personal data subjects must:
— provide the Operator with accurate information about themselves;
— inform the Operator of any clarification (updating, changing) of their personal data.
4.3. Persons who provided the Operator with false information about themselves or information about another personal data subject without their consent bear liability in accordance with Russian legislation.
5. Principles of Personal Data Processing
5.1. Personal data is processed on a lawful and fair basis.
5.2. Processing is limited to achieving specific, predetermined, and lawful purposes. Processing incompatible with the purposes of personal data collection is not allowed.
5.3. Combining personal data databases processed for incompatible purposes is not allowed.
5.4. Only personal data that meets the purposes of their processing is subject to processing.
5.5. The content and volume of processed personal data must correspond to the stated processing purposes. Excessive personal data relative to the stated purposes is not allowed.
5.6. Personal data must be accurate, sufficient, and up-to-date when necessary. The Operator must take measures to delete or clarify incomplete or inaccurate data.
5.7. Personal data is stored in a form that allows identification of the subject no longer than required by the purpose of processing unless otherwise required by federal law or contract. After the purpose is achieved, personal data is deleted or depersonalized unless otherwise provided by law.
6. Purposes of Personal Data Processing
Purpose of processing: providing the User with access to services, information, and/or materials posted on the website.
Personal data categories:
— surname, first name, patronymic
— email address
— phone numbers
Legal grounds:
— the Operator’s statutory (founding) documents
Types of processing:
collection, recording, systematization, accumulation, storage, destruction, and depersonalization of personal data.
7. Conditions for Personal Data Processing
7.1. Processing is carried out with the consent of the personal data subject.
7.2. Processing is necessary to achieve purposes stipulated by an international treaty or law, and to fulfill the Operator’s obligations under Russian law.
7.3. Processing is necessary for the administration of justice or execution of judicial or administrative acts.
7.4. Processing is necessary for the performance of a contract to which the personal data subject is a party, beneficiary, or guarantor, or for concluding a contract at the initiative of the personal data subject.
7.5. Processing is necessary to exercise the legitimate interests of the Operator or third parties, or to achieve socially significant purposes, provided the rights and freedoms of the subject are not violated.
7.6. Processing of publicly available personal data is carried out when access is provided by the personal data subject or at their request.
7.7. Processing is carried out for personal data subject to publication or mandatory disclosure under federal law.
8. Procedure for Collection, Storage, Transfer, and Other Types of Personal Data Processing
The security of personal data processed by the Operator is ensured through legal, organizational, and technical measures required for full compliance with the current legislation on personal data protection.
8.1. The Operator ensures the confidentiality and security of personal data and takes all possible measures to prevent unauthorized access.
8.2. Personal data will never be transferred to third parties except:
— as required by law;
— when the subject has given consent for transfer to fulfill obligations under a civil contract.
8.3. If inaccuracies in personal data are discovered, the User may update them by sending a notification to the Operator at sales@sun-airline.ru with the note “Personal Data Update”.
8.4. The processing period is determined by the achievement of purposes unless otherwise established by law or contract.
The User may withdraw their consent at any time by emailing the Operator at sales@sun-airline.ru with the note “Withdrawal of Consent for Personal Data Processing”.
8.5. All information collected by third-party services (payment systems, communication tools, service providers) is stored and processed by those parties in accordance with their User Agreements and Privacy Policies. The Operator is not responsible for third-party actions.
8.6. Restrictions imposed by the personal data subject regarding transfer, processing, or conditions of processing of personal data permitted for dissemination do not apply when processing is carried out in state, public, or other public interests defined by law.
8.7. The Operator ensures the confidentiality of personal data during processing.
8.8. Personal data is stored in a form allowing identification of the subject no longer than necessary for processing purposes unless otherwise required by law or contract.
8.9. Grounds for termination of processing include: achieving processing purposes, expiration of consent, withdrawal of consent, or identification of unlawful processing.
9. List of Actions Performed by the Operator with Personal Data
9.1. The Operator performs collection, recording, systematization, accumulation, storage, clarification (updating, changing), retrieval, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, and destruction of personal data.
9.2. The Operator performs automated processing with or without the transmission of information over information and telecommunication networks.
10. Cross-Border Transfer of Personal Data
10.1. Before beginning cross-border data transfer, the Operator must notify the authorized regulatory body of its intention to conduct such transfer (in a separate notification from the general personal data processing notice).
10.2. Before submitting this notification, the Operator must obtain the necessary information from the authorities of the foreign state or foreign individuals/legal entities to whom the transfer is planned.
11. Confidentiality of Personal Data
The Operator and any persons who have gained access to personal data must not disclose or disseminate them without the consent of the personal data subject unless otherwise required by federal law.
12. Final Provisions
12.1. The User may obtain any clarifications regarding matters relating to the processing of their personal data by contacting the Operator via email at sales@sun-airline.ru.
12.2. Any amendments to the Operator’s Personal Data Processing Policy will be reflected in this document. The Policy shall remain in force indefinitely until it is replaced with a new version.
12.3. The current version of the Policy is publicly available on the internet at: http://sunjet.ac/politic_ru.