Privacy policy

1. Introduction

1.1. Aliot Limited Liability Company (hereinafter Aliot LLC) provides service in accommodation of guests, and temporary dwelling of students (hereinafter referred to as the Clients), lease of non-residential premises and conference halls with presentation equipment, which they furnished.

1.2. Aliot LLC considers ensuring required and sufficient protection and integrity of personal data that Clients submit as the most important precondition for activities of Aliot LLC.

1.3. This Privacy policy helps viewing information on which information on personal data of our Clients is acquired, and and how it utilized.

1.4. The Policy is developed according to the current legislation of Russian Federation.

2. Concept, structure and processing of personal data

2.1. Personal data is any information referred directly, or indirectly to a defined or being defined individual (subject of personal data).

2.2. Processing of personal data is any action (operation) or totality of actions (operations) performed using automation facilities, or free from using said facilities with respect to personal data including collection, recording, systematization, accumulation, storage, refinement (updating, modification), extraction, use, transmission, (dissemination, making available, access) depersonalization, blocking, deletion, destruction of personal data.

2.3. List of personal data, which acquisition and processing is performed by Aliot LLC:

-data in questionnaire (surname, name, patronymic, day, month, year of birth etc.);

- passport details;

- residence address;

- registration address;

- contact phone number;

- e-mail;

- data on job;

- data on education institution.

Any personal data are received by Hotel employees directly from the subject of personal data Clients i.e. when the latter fills registration card during check-in at Aliot hotel, or Aliot Youth center, or when specifying personal data on Aliot LLC web site when filling feedback form, posting comments on service provided.

2.4. Any personal data processed by Aliot LLC is a strictly protected confidential information according to the Russian laws.

2.5. When processing Clients’ personal data, principles of legality and prevention of personal data processing incompatible with purposes of personal data acquisition are followed.

3. Purposes and personal data storage

3.1 Personal data are processed by Aliot LLC in Clients’ interests, and in order to provide the Clients with service listed under para.1.1. herein, and in order to comply with the Federal Law ‘On personal data’ dated 27.07.2006 N 152-FZ, Decree of Russian Government dated 15.09.2008 N 687 ‘ On approval of Provision on peculiarities of processing of personal data performed free from utilizing automation facilities, Federal Law ‘On migration recording of foreign citizens and persons without citizenship in the Russian Federation’ dated 18.07.2006 N 109-FZ, legal enactment etc. through acquisition, systematization, accumulation, storage, refinement, updating, modification, extraction, use, dissemination (representation), depersonalization, blocking, deletion, destruction, and protection against unauthorized access of Clients’ personal data.

3.2. Consent of Clients for processing personal data is obtained since processing of personal data is performed in order to implement the contract, one of which paries is the subject of personal data i.e. the Client.

3.3. Personal data shall be stored in a form that allows for determining the subject of personal data no longer that it is required by the purposes of personal data processing when the storage period of personal data is not established by the effective laws, contract. Personal data of Clients in hard copies are kept in the business unit that performs registration and accommodation of Clients. Personal data of Clients in soft copies are kept in local computer network at Aliot LLC, in electronic folders and files on personal computers of the business unit charged with registration and accommodation of Clients, and employees admitted for processing personal data of Clients.

3.4. Personal data being processed are subject to destruction, or depersonalization once processing specific purposes are reached, or in case the need for reaching said purposes is lost, unless otherwise is provided by the laws in effect. Media containing personal data shall be destroyed as follows:

• personal data in hard copies are destroyed in a way that prevents recovering document (applying shredders - paper disintegrator);

• personal data placed in memory of personal computers shall be destroyed by deleting them from the memory of personal computers.

3.3. Aliot LLC established a list of employees that perform processing of personal data, or have access thereto once Agreement on nondisclosure fo Client personal data is signed.

4. Using and transmitting personal data

4.1. Aliot LLC does not save, sell and transfer Client personal data to third parties, except the cases when information submission is a special obligation according to the Russian laws. Questions related to transferring information that contain personal data shall not be answered via telephone or fax.

4.2. When transmitting Client personal data, Aliot LLC warns the persons that receive said data that they used only in the purposes, for which they were given, and requires from said persons to confirm this condition, and privacy mode is met.

4.3. Aliot LLC processes Client personal data exclusively in order to provide service, forwarding answers on Clients’ requests, and in cases when data (details) are provided to the state executive, municipal power authorities according to the Russian laws, and in order to implement effective Russian laws (including by telephone/via email).

4.4. Aliot LLC is entitled to provide or transmit Client personal data to third parties in cases when:

1) disclosure of such information is required to fulfil the law, implementing court order; 2) to render assistance in conducting investigations performed by law-enforcement or other state authorities; 3) to protect the legal rights of Clients, and guests of Aliot hotel / Aliot Youth center. Should a Client withdraw consent, Aliot LLC is entitled to continue processing without Client consent when the grounds are available shown under para. 2-11 part 1 article 6. part 2 article 10 and part 2 article 11 Federal Law No. 152-FZ ‘On personal data’.

5. Protecting personal data against unauthorized access

5.1. Aliot LLC when processing Client personal data undertakes to fulfil privacy regulations with respect to access to data, and take any reasonable step to protect personal data against accidental and unauthorized access thereto, destruction, modification, blocking, copying, dissemination, and other illegal actions.

5.2. The main step to ensure an efficient protection of Client personal data is monitoring of data protection level: Aliot LLC runs a procedure for receiving, recording and keeping Client personal data, legal, arrangement and engineering security means are applied, data protection is ensured; intruder access is prevented, and conditions are generated for avoiding their intervention, engineering means applied in data processing are securely protected against impact to avoid interruption of their operation.

5.2.1. All employees that work with any personal data undergo induction in operation with personal data, Agreement on nondisclosure fo Client personal data is concluded. Access of employees to Client personal data, which have no appropriate right is avoided.

5.2.2. Documents containing Client personal data are kept in service premises that ensure protection against unauthorized access, admission to said premises is provided via electronic monitoring and passage system

5.2.3. Access to the premises with engineering facilities, which process and store information is restricted and ensured with security. Electronic bases containing Client personal data are protected with passwords, and have licenses required. Dedicated software is applied that prevents data leak, hinders operation of virus and worms (antivirus); protection is ensured also with firewalls, which are aimed to protection against targeted attacks; intrusion prevention systems are installed, which detect attacks and bock the most active attacks; protection system is ensured with vulnerability scanners, which verify whether gaps are available.

6. Cookies

6.1. Cookies are minor text files that contain string with chars, which web site remembers on your CP when you enter a defined page. When you are again on this page, said file enables identifying your browser. Some functions or services of web sites may operate incorrectly without cookies. Neither data acquired this way by our party may be utilized to identify web site visitor. No cookies may also be used to launch programs or infect your computer with virus. Information from cookies is not used to identify you personally, and data on your actions on web site are stored under conditions being protected completely. The most cookies we utilize are analytical ones. They count number of users, helps us understand how to our site is used by the users, and enhance its operation, for instance, to make search results more precise.

6.2. Which cookies are utilized:

Cookie name	Purpose of use	Note
PHPSESSID	Site user session identifier	By default
_ym_uid	user identifier (Yandex service)	required to identify user and acquire statistics
_ym_isad	information about determining whether advertisement disabler available (Yandex service)
_ga	master cookie, which used to identify user, updated at each interaction with site (Google Analytics service)	Duration 2 years;
_gat	used to restrict enquiry frequency (Google Analytics service)	Duration 1 minute
_gid	allows distinguishing user (Google Analytics service)	Duration 24 hours;
TLBF_ru, TLBF_en	verifying which site version is opened	Russain/Englich site version
_ym_metrika_enabled, metrika_enabled _ym_metrika_enabled_(identifier)	Yandex Metrics cookie	Assessing site efficacy using meters

6.3. Information how to delete cookies or adjust browser to delete or reject cookies may be found help materials of your browser

7. Final provisions

7.1. This Privacy policy is subject to revision and adding in future in case new legal enactment and dedicated regulatory documents appear connected with processing and protection of personal data.

7.2. Implementation of requirements set forth in this Policy is performed by the person responsible for ensuring safety of personal data Aliot LLC.

7.3. Regarding inquiries concerning acquisition, processing, usage of your personal data, and receiving data on saved data, their adjustment, blocking or deletion please address: 198097, St. Petersburg, ul. Vozrozhdenia 4, lit. A, office 1, and email: secret@aliot-spb.ru specifying your passport data. Aliot LLC warrants that when reviewing your personal inquiries a complete protection and privacy of data provided by you will be ensured.

Updated May 21, 2018