POLICY
OOO UK "Zaozer'e" D.U. "T"
regarding the processing of personal data of users
of the website https://taivashotel.ru
1. Key Terms and Definitions Client, Guest / Personal Data Subject – a user of the Website who enters their personal data into the electronic forms posted on the Website for ordering (booking) and/or paying for Services, as well as for leaving feedback on the quality of Services. Operator – Zaozerye Management Company LLC (TIN: 1000018507, OGRN 1241000005157); legal address: 5 Chapayeva Street, Petrozavodsk, Republic of Karelia, 185005; postal address: 5 Chapayeva Street, Petrozavodsk, Republic of Karelia, 185005 (hereinafter referred to as the Operator or the Company), which processes the personal data of Clients. Services – hotel and related services directly provided at the Facilities (Hotels) by the Operator, as well as services offered by the Operator on the Website and at Hotels provided by the Operator's partners. Facility (Hotel) – Taivas Aparthotel, located at: 31A Anokhina Street, Petrozavodsk, Republic of Karelia, 185035; Operator's Partners – legal entities directly providing Services, which the Operator, acting as agent, offers on the Website and at the Hotel. Website – the Operator's official website: https://taivashotel.ru (Russian version) and https://taivashotel.com (English version). Policy – this document, which defines the Operator's privacy policy and the processing of personal data of Clients who have used or intend to use the Services through the Website. Personal data – any information relating directly or indirectly to an identified or identifiable natural person – the Personal Data Subject. Personal data processing – any action (operation) or set of actions (operations) performed with or without automated means with personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, modification), retrieval, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, and destruction of personal data.
2. General Provisions
2.1. This Privacy Policy regarding the processing of personal data of Website visitors and Hotel Guests has been developed in accordance with the Constitution of the Russian Federation, the requirements of Federal Law No. 152-FZ of July 27, 2006, "On Personal Data," and other regulatory legal acts of the Russian Federation in the area of protection (safeguarding) of the personal data of Russian citizens. It applies to all information located on the domain names https://taivashotel.ru and https://taivashotel.com that the Company may obtain about a Guest while the Guest is using the Website (including when the Guest completes various forms on the Website). It also applies in full to all Guests who have made a reservation for hotel services or completed the necessary actions to receive other services provided by the hotel.
2.2. This Policy has been developed to comply with Russian legislation regarding personal data processing and is aimed at protecting the rights and freedoms of individuals and citizens when processing their personal data, including protection against unauthorized access to Guests' personal data.
2.3. This Policy applies to all personal data of Clients, processed by the Operator, both automatically and manually. 3. Purposes of Personal Data Processing
3.1. The processing of personal data is limited to achieving specific, predetermined, and legitimate purposes. Processing of personal data incompatible with the purposes for which it was collected is prohibited.
3.1.1. When making a reservation on the Website, the Guest provides the following information: - Last name, first name, patronymic; - Email address; - Contact phone number; - Other information required by law for the reservation and/or provision of other services provided by the Hotel; - Other information that the Guest deems necessary to provide.
3.1.2. When paying by bank card, the Guest independently enters the bank card details required to conduct and process the payment. Such data is technically inaccessible to the Company, and the Company does not have access to it, does not store it, and does not use Guests' bank card details in any way. The confidentiality of the personal information provided is ensured by the bank that provides the payment system (platform).
3.1.3. This Policy notifies the Guest that during their visit, the Site may collect certain information, such as the browser used, IP address, operating system type, location, pages viewed, and other data. The information received is not linked to the data the Guest leaves on the Site, and it is impossible to identify the Guest from such automatically obtained data.
3.2. The Operator processes the Client's personal data.for the following purposes:
3.2.1. Booking (Ordering) Services. By booking hotel rooms and ordering other Services, the Client expresses their intention to enter into a Service Agreement with the Operator. Services can be booked (ordered) in one of the following ways: - by completing special electronic Service booking (order) forms on the Website; - by sending an email to the email address specified on the Website; - orally by telephone at the number specified on the Website.
3.2.2. Concluding Agreements for the Provision of Services. The Facility (Hotel) provides hotel services, catering services, household services, conference services, and tourist and excursion services.
3.2.3. Feedback. The Client's personal data, with their consent, may be used after the Services have been provided to identify them in subsequent inquiries. To establish feedback with the User, including sending notifications and requests regarding the provision of accommodation or other services, and processing requests and applications from the User.
3.2.4. Bonuses. For the purpose of creating exclusive personalized offers, discounts, and accruing points for bonus programs.
3.2.5. Marketing. With the Client's consent, the Operator may use the Client's personal data to send them news, information about ongoing promotions, and special offers.
3.2.6. Improving the Quality of Services. The Operator processes the Client's personal data provided when leaving a review of the Services on the Website in order to improve the quality and accessibility of the Services, the informativeness of the Website, and the quality of the services hosted therein, as well as to send the Operator's response to the review.
4. Composition and Volume of Processed Personal Data
4.1. For the purposes specified in Section 3 of the Policy, when completing the online booking (order) forms for Services on the Website, the Client provides the Operator with the following personal data: - last name, first name, and patronymic (if any), - email address, - contact phone number, - information required specifically for booking (ordering) Services - other information the Client deems necessary to provide.
4.2. When paying for Services by bank card, the Client independently enters the bank card details required to process the payment. This data is technically inaccessible to the Operator, who does not store or use it. The confidentiality of this data is ensured by the bank providing the payment system (platform).
4.3. When visiting the Website, certain information may be automatically collected, such as the browser used by the Client, IP address, operating system type, location, pages viewed, and other data. The information received is not linked to the data the Client provides on the Website; it cannot be used to identify the user.
5. Principles and Conditions for Processing Personal Data
5.1. Only personal data that meets the processing purposes specified in Section 3 of the Policy is subject to processing. Processing of personal data incompatible with the purpose of collecting personal data is not permitted.
5.2. The Company processes the personal data of Guests based on the following principles: - personal data is processed lawfully; - personal data processing is limited to achieving a specific, predetermined, and legitimate purpose. Only personal data that meets the purposes of processing is subject to processing. Processing of personal data incompatible with the purpose of collecting personal data is not permitted; - processed personal data is destroyed or anonymized when it is no longer necessary to achieve the purpose of processing, unless otherwise provided by law; - Guests' personal data is confidential.
5.3. The Company processes personal data if at least one of the following conditions is met: - the processing of personal data is carried out with the consent of the Guest: as a user of the website https://taivashotel.ru or https://taivashotel.com. The Guest provides the Company with their personal data and gives full and unconditional consent to its processing; - upon direct check-in at the hotel, the Guest provides the Company with their personal data and gives full and unconditional consent to its processing, including by signing the Guest registration card; - obtaining the Guest's consent to the processing of their personal data is a necessary condition for making a reservation. A reservation is impossible and will not be completed without the Guest's consent to the processing of their personal data; - the processing of personal data is necessary for the Company to fulfill its obligations to Guests, including the conclusion and execution of an agreement under which the Guest is a consumer of hotel and other services.
5.3. By entering your personal data in special electronic forms posted on the Website and intended for
By requesting Services or leaving a review of the Services, the Guest consents to their processing. The Guest's consent to receive newsletters from the Operator must be separately expressed by checking the box provided; otherwise, the Guest's personal data will not be used for this purpose.
5.3.1. The Guest has the right to opt out of receiving information by sending the Operator a written request to cease processing their personal data in this manner. Upon receipt of such a request by the Operator, the Guest's personal data will be immediately removed from the list of newsletter recipients.
5.4. The Company guarantees the confidentiality of the personal data it receives from Guests. Personal data may be transferred to third parties only in cases stipulated by applicable law, as well as for the purpose of fulfilling contracts concluded between the Guest and the Company. In particular, when booking (ordering) Services provided by the Company's Partners. The Guest's personal data received by the Company is transferred to the Partners to the extent necessary solely for the fulfillment of obligations to the Guest.
5.4.1. The Client's personal data may be provided only to the Client, provided that the Client provides proof of ownership of the personal data.
5.4.2. The Operator grants access to personal data only to those Operator employees or authorized persons who need this information to perform duties directly related to the provision of services to the User, as well as the operation, development, and improvement of the Website. 5.5. Processed personal data shall be destroyed when it is no longer necessary to achieve the purpose of processing or after the purpose of processing has been achieved.
6. Rights and Obligations of the Personal Data Subject and the Operator
6.1. In accordance with Federal Law No. 152-FZ of July 27, 2006, "On Personal Data," a Guest whose personal data is processed by the Company has the right to receive information regarding the processing of their personal data, including: - confirmation of the fact of personal data processing; - legal grounds and purposes of personal data processing; - the purposes and methods of personal data processing used by the Operator; - the name and location of the operator; - the personal data being processed relating to the relevant personal data subject, and the source thereof, unless another procedure for submitting such data is provided for by federal law; - the timeframes for processing personal data, including the storage periods; - the procedure for the personal data subject to exercise the rights stipulated by Federal Law No. 152-FZ of 27.07.2006 "On Personal Data"; - other information stipulated by Federal Law No. 152-FZ of 27.07.2006 "On Personal Data" or other federal laws.
6.2. The Guest has the right to request that the Company clarify, block, or destroy their personal data if the personal data is incomplete, outdated, inaccurate, illegally obtained, or is not necessary for the stated purpose of processing, and to take measures to protect their rights as provided by law.
6.3. To exercise their rights and legitimate interests, Guests have the right to contact the Company or submit a request in person or through a representative. The request must contain the information specified in Part 3 of Article 14 of the Federal Law "On Personal Data." Guests may send requests to the Company's email address hotel@zaozeriegroup.ru or by Russian Post to the following address: 5 Chapayeva Street, Petrozavodsk, 185005, or bring them in person to the reception desk at the Hotel. The request must be signed by the Guest (or their legal representative). If the request is sent electronically, it must be executed as an electronic document in accordance with the requirements of Russian Federation law. Information may only be provided to the subject of the personal data upon presentation of proof that the personal data in question belongs to that individual (subject).
6.4. The Company is obligated to: - use the personal data of Guests obtained solely for the purposes specified in this Policy; - ensure that the personal data of Guests is kept confidential and not disclosed without the prior written consent of the Guest, except in cases stipulated by Federal Law No. 152-FZ of July 27, 2006, "On Personal Data"; - provide, upon request of the Guest or their representative, the information stipulated by Part 7 of Article 14 of Federal Law No. 152-FZ of July 27, 2006, "On Personal Data"; - block personal data from the moment the Guest or their representative, or the authorized body for the protection of the rights of personal data subjects, requests it for the duration of the verification process, in the event that inaccurate personal data or illegal actions are detected.
7. Cookies
7.1. A cookie is a small text file that is sent by a web server and is stored on your computer, mobile phone, or any other internet-enabled device when you visit a website.
7.2. Each time you open a website page, your web client (web browser) sends the specified text file to the web server as part of an HTTP request to provide the web server with information about your online activities or preferences. To ensure the security and safety of your data, your web client (web browser) generally does not transfer cookies intended for one website to other resources.
7.3. You can delete already saved cookies at your discretion, or restrict (prohibit) their collection by setting the appropriate settings in your web client (web browser). Please note that in this case, we cannot guarantee the functionality of the Site or the availability of its full functionality. Use of Cookies Our Website uses cookies, in particular to collect non-personal information and monitor user interactions with the Website. We use these cookies to record your preferences and settings. The aggregated information collected allows us to analyze traffic patterns on our Website and improve the user experience. For example, we may use cookies to: - store the username and password when filling out forms, and to determine the User's geographic location for future visits to simplify and speed up login; - store the User's preferences; - time of visit to the Website; - referral source; - User information (gender, age, interests); - landing and exit pages; - user authentication (custom settings: page zoom). - personal data: phone number, email address, payment information. - device used to access the Website (desktop, Android, or iPhone). - session time on the Website. - browser used to access the Website. - transitions and clicks on the website (number, specific buttons, and links clicked). Statistics are collected through Yandex.Metrica. Cookies are not considered personal data and cannot identify a client or website visitor, but they can help improve the website's performance. Cookies are used to simplify the customer experience and to collect analytics for the Operator to improve the quality of services provided on the website. Cookies do not contain confidential information. The website visitor and/or Client hereby consents to the collection, analysis, and use of cookies, including by third parties, for the purposes of generating statistics and optimizing advertising messages. This information is not used to identify the visitor. If desired, the User may opt out of the collection of this data. A pop-up window will be displayed on the website asking whether to agree to or opt out of cookie collection.
8. Final Provisions
8.1. In the event of failure to comply with the provisions of this Policy, the Operator shall be liable in accordance with the current legislation of the Russian Federation.
8.2. The Operator reserves the right to make changes to this Privacy Policy without the User's consent.
8.3. The new Privacy Policy shall take effect from the moment it is posted on the Hotel Website, unless otherwise provided in the new version of the Privacy Policy.
8.4. Any suggestions or questions regarding this Privacy Policy should be communicated to the Operator.