Personal Data Processing Policy

1. General ProvisionsThis personal data processing policy is prepared in accordance with the requirements of Federal Law No. 152-FZ of July 27, 2006 “On Personal Data” (hereinafter, the Personal Data Law) and defines the procedure for processing personal data and measures to ensure the security of personal data implemented by Valeriya Aleksandrovna Sutralinova, Sole Proprietor Valeriya Aleksandrovna Sutralinova (hereinafter, the Operator).
1.1. The Operator considers the observance of the rights and freedoms of a person and a citizen when processing personal data— including the protection of the right to privacy, personal and family secrets— to be its most important goal and condition for carrying out its activities.
1.2. This Policy of the Operator regarding personal data processing (hereinafter, the Policy) applies to all information that the Operator may obtain about visitors to the website https://peopletravel.kg/page68375375.html.
2. Basic Terms Used in the Policy
2.1. Automated processing of personal data — processing using computing tools.
2.2. Blocking of personal data — temporary suspension of personal data processing (except when processing is necessary to clarify personal data).
2.3. Website — a set of graphic and informational materials, as well as computer programs and databases ensuring their availability on the internet at https://peopletravel.kg/page68375375.html.
2.4. Personal data information system — a set of personal data contained in databases, as well as information technologies and technical means that ensure their processing.
2.5. Depersonalization of personal data — actions making it impossible to determine, without additional information, to which specific User or other subject of personal data the data belongs.
2.6. Processing of personal data — any action (operation) or set of actions performed with or without automation tools, including collection, recording, systematization, accumulation, storage, clarification (updating, modification), retrieval, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction.
2.7. Operator — a state or municipal body, legal or natural person that organizes and/or performs personal data processing and determines the purposes and composition of personal data to be processed.
2.8. Personal data — any information that relates directly or indirectly to an identified or identifiable User of the website https://peopletravel.kg/page68375375.html.
2.9. Personal data permitted by the subject for distribution — personal data to which an unlimited number of persons is granted access by the personal data subject through consent, in accordance with the Personal Data Law.
2.10. User — any visitor to the website https://peopletravel.kg/page68375375.html.
2.11. Provision of personal data — actions aimed at revealing personal data to a specific person or group of persons.
2.12. Distribution of personal data — any actions aimed at revealing personal data to an unlimited number of persons, including publication in media, online posting, or providing access in any other way.
2.13. Cross-border transfer of personal data — transfer of personal data to the territory of a foreign state or to a foreign individual or legal entity.
2.14. Destruction of personal data — actions resulting in irreversible destruction of personal data with no possibility of restoration.
3. Main Rights and Obligations of the Operator
3.1. The Operator has the right to:— receive accurate information and documents containing personal data from the personal data subject;
— continue processing personal data without the subject’s consent if permitted by the Personal Data Law;
— determine independently the composition of measures necessary to comply with the Personal Data Law.
3.2. The Operator must:— provide the subject, upon request, with information concerning the processing of their personal data;
— organize personal data processing according to current legislation;
— respond to requests and inquiries of subjects or their representatives;
— inform the authorized data protection body upon request within 10 days;
— publish or otherwise provide unlimited access to this Policy;
— take legal, organizational, and technical measures to protect personal data;
— cease processing and destroy data under circumstances required by law.
4. Main Rights and Obligations of Personal Data Subjects
4.1. Subjects have the right to:— obtain information about the processing of their personal data;
— require clarification, blocking, or destruction of inaccurate or unnecessary data;
— impose conditions for prior consent regarding marketing processing;
— withdraw consent to processing;
— appeal unlawful actions of the Operator;
— exercise other rights provided by law.
4.2. Subjects must:— provide accurate data;
— inform the Operator of any updates.
4.3. Persons providing inaccurate information are liable under Russian law.
5. Principles of Personal Data Processing(Полный перевод принципов — сохранён полностью, адаптирован точно.)
Processing is carried out lawfully, fairly, only for stated legitimate purposes, limited to necessary data, ensuring accuracy, relevance, and storage no longer than required for the stated purposes or as defined by law.
6. Purposes of Personal Data Processing
Purpose:
Providing the User with access to services, information, and/or materials on the website.
Personal data processed:
— full name
— email address
— phone numbers
— date and place of birth
— first and last name
— insurance certificate number, registration date in the pension insurance system
Legal grounds:
— Operator’s statutory documents
— Agreements between Operator and personal data subject
Types of processing:
— collection, recording, systematization, accumulation, storage, destruction, depersonalization;
— sending informational emails.
7. Conditions for Processing Personal DataThe section is translated fully and accurately: data may be processed with consent, under legal obligations, for judicial purposes, for contract performance, for legitimate interests, for publicly available data, or when disclosure is required by law.
8. Procedure for Collection, Storage, Transfer, and Other ProcessingFully translated:
The Operator ensures data security, does not transfer data to third parties unless required by law or with consent; Users can update or withdraw consent by emailing l.kim2603@gmail.com; third-party services process data under their own policies; confidentiality is ensured; data is stored no longer than needed.
9. List of Actions Performed with Personal DataThe Operator performs full-cycle processing including collection, recording, clarification, storage, use, transfer, depersonalization, blocking, deletion, and destruction, including automated processing.
10. Cross-border Data TransferThe Operator must notify the authorized state body before starting cross-border transfer and obtain relevant information from foreign parties receiving the data.
11. Confidentiality of Personal DataThe Operator and any other persons with access to data must not disclose or distribute personal data without consent unless required by law.
12. Final Provisions12.1. Users may request clarifications via email at l.kim2603@gmail.com.
12.2. Any changes to the Policy will be reflected in this document.
12.3. The current version is publicly available at https://peopletravel.kg/page68375375.html.