Updated version, approved on March 13, 2023г.
AZIMUTH Airlines Joint-stock Company, INN 2312218415, KPP 616301001, OGRN 1142312009542, 344022 Russian Federation, Rostov Region, Rostov-on-Don, 91 Suvorova St., office 801, floor 8 (hereinafter referred to as Airline) hereby informs all personal data subjects, including those located on the territory of the European Union or whose personal data were obtained from the territory of the European Union, in relation to the airline services offered by it (hereinafter referred to as Data Subjects) of their rights, as well as the conditions and principles of personal data processing applied by the Airline, including the ones in accordance with the requirements of Regulation No. 2016/679 of the European Parliament and the Council of the European Union “On the Protection of Individuals in the Personal Data Processing and Free Circulation of Such Data” General Data Protection Regulation (hereinafter referred to as “GDPR”).
The term "Personal Data" means any information relating to an identified or identifiable natural person ("Data Subject"); an identifiable natural person is a person who can be directly or indirectly identified, particularly, based on identification information such as name, identification number, location data, Internet identifier (online identifier) or by means of one or more indicators specific to physical, physiological, genetic, mental, economic, cultural or social identity of this natural person.
Personal data of a Data Subject is processed by the Airline only if at least one of the following conditions is applicable:
The Data Subject agrees with processing of his/her personal data for one or several certain purposes:
- execution of a contract which the Data Subject is one of the parties to, or for taking measures at the request of the Data Subject before entering into a contract;
- for fulfillment of legal liabilities of the Airline;
- for protection of vital interests of the Data Subject or any other natural person;
- for performance of tasks in the interests of the state;
- for the purposes of ensuring legal interests of the Airline or a third party, with the exception of cases where such interests are contrary to the interests or main rights and freedoms of the subject of data that require protection of personal data, in particular, if the data subject is a child.
2. Personal Data Processing Principles.
2.1. Personal data processing in the Airline is carried out respecting the need to ensure the protection of rights and freedoms of the Airline's employees and other data subjects, including protection of the right to privacy, personal and family confidentiality based on the following principles:
- personal data processing is carried out in the Airline on a legal and fair basis;
- personal data processing is limited to the achievement of specific, predetermined and legitimate purposes;
- personal data processing that is incompatible with the purposes of personal data collection is not allowed;
- it is not allowed to combine databases containing personal data which is processed for purposes that are incompatible with each other;
- only personal data that meet the purposes of its processing is to be processed;
- the content and scope of the personal data being processed corresponds to the processing purposes stated. No excess personal data is allowed to be processed beyond the personal data processing purposes stated;
- the accuracy of personal data, its sufficiency and, where necessary, its relevance to the purposes of personal data processing are maintained in the course of personal data processing. The Airline takes or facilitates necessary measures for deletion or clarification of incomplete or inaccurate personal data;
- personal data being processed is destroyed or depersonalized upon achievement of purposes of processing or in case of loss of necessity to achieve these purposes, unless otherwise provided by law.
3.List of Personal Data Being Processed.
3.1. The list of personal data being processed may include the following categories:
- name, last name, patronymic, mobile phone number, email address, passport data, payment information, order numbers, total cost of services ordered and other data necessary for the implementation and/or payment for services, refund and/or change of service terms, identification number, location data, identifier, online ID, ticket number; masked bank card number, health information (only to the extent and for the purposes of establishing contraindications for the flight and (or) the need to establish the need to provide special conditions for air travel (medical needs) where required by law), information about actions performed online on websites and mobile applications of the Airline, as well as information about the devices used (such as geolocation, IP addresses, cookies, transaction data, etc.).
The Airline processes certain categories of Personal Data depending on the way the Airline's services are used by the Data Subject. The subject's personal data is used to provide the services (functionality) of the website according to the subject's preferences, to process requests, as well as to communicate with the subject on services which may be of interest for the subject, and which are selected specifically for the drawing of prizes, games, as well as to address relevant organizational (administrative) issues. All personal data is processed in accordance with the applicable data protection laws.
By using the Services and Websites of the Airline, the Subject agrees to the processing of Personal Data.
3.2. Personal data of Data Subjects is received by the Airline in various ways, including:
- directly from potential or current customers of the Company, their representatives, agents, affiliates, guarantors or through third parties for the purpose of making contracts, further communication, provision of information and services. The Airline collects Personal Data when a subject visits our Website and/or provides their Personal Data when purchasing our Services or, being a member of a "Loyalty Program," registers for participation in prize drawings, games, or contests, subscribes to our mailing lists, receives information by email, uses our applications, completes surveys, and/or posts comments, requests information, or contacts our customer services. The Airline may also obtain Personal Information from other sources, including paid sources such as public databases and information aggregators, as well as from third parties;
- directly from the Airline's employees, their close relatives, individuals who have entered into an independent contractor agreement with the Airline or are members of the Airline's management bodies, for the purpose of human resource accounting and/or for the purpose of attracting and selecting candidates for vacant positions and/or maintaining the corporate telephone directory and/or conducting administrative and business activities;
- directly from candidates applying for vacant positions or from external recruitment agencies to attract and select candidates for vacant positions;
- from state authorities and organizations in order to comply with legal requirements;
- by collecting and accumulating new personal data in the course of interaction with the subject (history of transactions, contacts), in the course of use of personal data subjects accessing the Airline's websites and mobile applications (data on location, IP addresses, actions on websites and applications) or in the course of legitimate acquisition of the above mentioned personal data from third parties in order to improve the quality of services provided, provide advice to potential and current customers and prepare marketing offers;
- from publicly available sources to obtain knowledge about the subject in order to create custom offers.
4. Personal Data Processing Purposes.
4.1. The Airline processes Personal Data for the following purposes:
- provision of air transportation services and/or other services provided by service providers via Internet and (or) via phone including bonuses for frequent flyers; providing a feedback with customers of air transportation services; compensation for the cost of lost/damaged baggage (cargo); additional post-sales informing on changes in departure details and the receipt of additional services; execution of air transportation agreements; providing transportation security; maintaining a system of accounting for income, expenses and monitoring of the sale of air transportation; accounting of financial information of the agencies of the Airline; providing accounting and information to authorized bodies; enforcement of laws and other regulatory legal acts;
- provision by the Airline of refund and (or) changes of the terms of air transport services provided and/or other services provided by service providers via Internet and (or) via phone;
- consideration of applications and claims;
- provision of safety of services provided and fraud prevention;
- informing about the current promotions, other products and services of the Operator and suppliers and sending information content about the services provided, including announcements, news and service messages.
- provision of compliance with legislative requirements and other statutory and regulatory enactments and international agreements;
- performance of functions, authorities and responsibilities assigned by law to the Airline, including the provision of Personal Data to Governmental Authorities;
- regulation of employment relations with employees of the Airline (assistance in finding employment, training and promotion, ensuring personal safety, monitoring the quantity and quality of work performed, ensuring the safety of property);
- providing employees of the Airline and members of their families with additional guarantees and compensations, including the provision of non-state pension, voluntary medical insurance, medical services and other types of social security services;
- protection of life and health or other vital interests of Personal Data Subjects;
- preparation, conclusion, performance and termination of contracts with contractors;
- ensuring access control and internal security policy at transport infrastructure facilities;
- formation of reference sources for internal communication;
- enforcement of judicial acts, acts of other bodies or officials to be executed in accordance with the law;
- exercising of Airline's rights and legitimate interests or achievement of socially significant purposes;
- execution of immigration requirements;
- other legal purposes.
4.1.1. For the purposes of participating in contests and games, the Airline processes the following categories of Personal Data: name, last name, patronymic, applicable additional forms of address (degrees, titles, etc.), postal address, email address, home or mobile phone number, age, date of birth, gender, "Frequent Flyer" number under the Airline's Loyalty Program, passport details (number, country of issue, expiration date), user-created content, or any other Personal Data that is sent as required by a contest or a game.
The Airline processes Personal Data for prize drawing, games or competitions in which the Subject participated.
4.1.2. For the purpose of purchasing and/or providing Services (e.g. airline tickets, online shop, online registration).
For this purpose, the Airline processes the following categories of Personal Data: name, last name, patronymic, applicable additional forms of address (degrees, titles, etc.), postal address, email address, home or mobile phone number, age, date of birth, gender, "Frequent Flyer" number under the Airline's Loyalty Program, payment history, payment information (e.g. information about the airline or the bank card), order history, age, date of birth, gender, passport data (number, country of issue, expiration date), travel itinerary, information on the processing of the Subject's requests (including information on special requirements).
The Airline processes Personal Data for processing orders (and rendering corresponding Services) made both online and in person at sales offices. Personal Data of Subjects related to payment may be transferred to payment service providers for payment processing.
4.1.3. For the purpose of facilitating the fulfillment of migration requirements, the categories of Personal Data collected for this purpose depend on the requirements of the country concerned and may include, among other things, the date of booking/ticket issue, date(s) of the intended travel, name(s), available information on the frequent flyer and the bonuses provided (i.e. free tickets, upgrades, etc.), including the number of passengers, available contact information (including the name of the person who has provided the relevant information), available information on payments/accounts, travel itinerary, travel agency/travel agent, codeshare information, complex itinerary information, passenger travel status (including confirmation and check-in status), ticket information, including the ticket number, one-way tickets and automatic payment, baggage information, passenger seat information, including the seat number, general remarks, including other additional information, information on provision of special services and request for such services, extended passenger data.
Many countries require airlines to provide them with arrival and departure data, even for the purpose of flying over the territory of the country.
4.2. When processing Personal Data, the Airline performs the following functions:
- takes measures necessary and sufficient to ensure compliance with legal requirements in the field of Personal Data processing;
- takes legal, organizational and technical measures to protect personal data from unlawful or accidental access to it, destruction, modification, blocking, copying, provision, distribution of personal data, as well as other illegal actions in relation to personal data;
- appoints a person responsible for organizing Personal Data processing at the Airline;
- issues local regulations defining the policy and the issues of Personal Data processing and protection in the Airline;
- ensures familiarization of the Airline's employees directly involved in Personal Data processing with the provisions of the legislation and local regulations in the field of Personal Data processing, including the requirements for the protection of personal data, and training of these employees;
- publishes this Policy at the Airline's Website and provides unlimited access to it;
- duly informs personal data subjects or their representatives on the availability of personal data related to the relevant subjects, provides the opportunity to inspect this personal data when contacting and/or being requested by said personal data subjects or their representatives, unless otherwise is stipulated by law;
- stops processing and destroys Personal Data in cases stipulated by law;
- performs other actions prescribed by law in the field of Personal Data processing.
4.4. The Airline performs the following actions with personal data provided:
- Review (update, modification);
- Transfer (disclosure, provision, access), including cross-border data transfer to countries that provide adequate protection for the rights of data subjects;
- Access denial;
- Deletion or destruction;
- Grouping and combination.
The above actions can be carried out by the Airline using automation tools, including in information and telecommunication networks, or without using them, if Personal Data processing without using them complies with the nature of the actions (operations) performed with Personal Data using automation tools therefore allowing to use a preset algorithm to search for Personal Data recorded on material media and contained in card index or other systematic collections of Personal Data, and/or access to such personal data.
4.5. The target audience of the Services and Websites is adults, however, there may be cases when a person under the age of 18 decides to get acquainted with the Services on our Website or purchase corresponding Services. If we know that a customer is under the age of 18, we will not use such customer’s Personal Data for marketing purposes unless consent of his/her parents (or legal representatives) for his/her Data processing is provided to us in writing.
To provide consent of your parents (or legal representatives) in writing, contact the Airline using contact information, mentioned in Section 10 of this Policy.
5. The Rights of Personal Data Subjects
5.1. Each Subject whose personal data is processed by the Airline has a number of rights and freedoms regarding his/her personal data, including:
|Personal data access||The Subject has the right to request confirmation of the processing of Personal Data. In the case of such processing, the Subject has the right to inspect the Personal Data processed, as well as information about the purposes of processing, the category of data processed, actions with data, data recipients and guarantees when transferring data to third parties, processing time, data sources, the availability of an exclusively automated decision-making process. The Subject also has the right to receive a list of Personal Data being processed.|
|Correction of Personal Data||The Subject has the right to claim to correct his/her Personal Data in case of inaccuracies found in the Personal Data processed by the Airline. With regard to the purposes of processing, the Subject has the right to make additions to Personal Data, including via providing an additional application.|
|Personal data processing restriction||The Subject has the right to initiate a restriction on the processing of all or part of his/her personal data if one of the following applies:
|Personal data deletion||The Subject has the right to claim to delete his/her Personal Data from the Airline's systems and/or other present material sources if one of the following applies:
|Data portability||The Subject has the right to request a list of his/her Personal Data provided to the Airline for the processing in a structured, uniform and machine-readable format, and to instruct the Airline to transfer his/her personal data to a third party if the Airline has an appropriate technical capability to do so. In this case, the Airline shall not be responsible for further actions of a third party related to the personal data.|
|Opposing personal data processing||A Data Subject has a right to oppose processing of all or part of the list of his/her Personal Data for the purposes indicated when the personal data was provided for the Airline, except for the cases where the legal grounds for personal data processing prevail over the interests, rights and freedoms of the Data Subject or where the processing of the Personal Data is necessary for substantiation, execution or defense in legal proceedings.|
|Refusal to carry out marketing activities||The data subject has a right to request to limit his/her Personal Data processing for the purpose of marketing activities carried out by the Airline.|
|Bringing a complaint to the national supervisory authority, at the address of permanent residence in the EU||The Data Subject has a right to bring a complaint to the supervisory authority if the Airline in any way violates his/her rights in relation to Personal Data processing.|
5.2. The Subject is not obliged to provide his/her Personal Data. However, if the Subject does not want to provide his/her Personal Data, the right for using the services of the Airline may be limited.
5.3. Marketing messages are part of the Loyalty Program. Thus, registration for participation in the Loyalty Program is considered as consent to receive marketing messages.
If the Subject does not provide relevant Personal Data or rejects cookies or does not give a consent to services besides services ordered or participation in the Loyalty Program, the Subject may not receive these services or interrupt the process of their performance.
5.4. In case of receiving a request from a Subject which is a potential customer of the Airline for restriction of the processing, deletion of Personal Data or an objection against their processing, the Airline has the right to refuse to provide the Personal Data Subject with said services. If a Data Subject being a party to a contract with the Airline or being a beneficiary/surety under such a contract, submits a request for restriction or deletion of his/her Personal Data or opposes the their use or withholds the consent given earlier, the Airline has the right to continue to process his/her Personal Data until compliance with the terms and conditions of the existing agreements and compliance with the legislative requirements is ensured.
6. Personal Data Transfer (including transfer across the border).
6.1. In accordance with the predefined purposes and legislative requirements, the Airline may transfer Personal Data to the following categories of third parties:
- Foreign counterparties;
- Public authorities or other bodies to ensure compliance with legislative requirements.
Transfer of Personal Data across the border to the states that do not ensure adequate protection of Personal Data Subjects’ rights shall be carried out strictly with the consent from the Data Subject and/or for the purpose of performance of a contract and/or for the purpose of compliance with legislative requirements.
For the purpose of transfer of Personal Data to third parties located outside the countries that are parties to the Council of Europe Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data, as well as outside the countries which ensure adequate Personal Data protection, contracts are concluded with the corresponding third parties (where applicable in accordance with applicable legislation on Personal Data protection), containing “Standard Contractual Clauses” (SCC) which guarantee the compliance with the rights and freedoms of Personal Data Subjects. The list of third parties and of the Personal Data transferred to them may be requested from the person responsible for the organization of processing and protection of Personal Data in the Airline.
7.1. A cookie is a small fragment of data which a website requests from the browser used on your PC or mobile device. Cookies reflect your actions or preferences. Cookies are stored locally on your PC or on a mobile device. Users can delete saved cookie files as they wish.
|Session||User-Website Interaction Data usually store the session identifier which allows the user to move from page to page without reauthentication on the website. Browsers usually delete session cookies after the user closes the browser window. Session cookies help us improve our products and make your work on our website more convenient. The cookies which are stored on a user’s PC and which are not deleted after the browser is closed. Permanent cookies can save information about the user’s settings for a particular website allowing the use of these preferences in further sessions.|
|Permanent||Permanent cookies can be used by a website to analyze users' behavior on a website, as well as to provide information on the number of visitors, on the average time spent on a particular page, and usually on the performance of the website.|
After switching off the option of using cookies in a browser, a user can find out that some sections of the Airline’s Website do not work properly. Instructions on managing cookies can usually be found in the browser Help.
7.4. The Airline uses the following Cookies:
- strictly necessary Cookies are needed exclusively to access closed sections of the Website using a pre-allocated personal login and password;
- Web Analytics Cookies help improve productivity of our Website and to make it more user-friendly. Via Web Analytics Cookies, we obtain information about the quality and effectiveness of our services. These Cookies collect statistical depersonalized data on how users use our Website, including the number of visitors and the pages they viewed on our Website. This data helps us understand the needs of visitors and improve the content presented. Whether cookies will be stored on your Device and for how long mainly depends on whether they are Permanent or Session type cookies. "Session cookies" are cookies which are stored on the Subject's Device until the browser is closed. On the contrary, "Permanent cookies" are stored on the Subject's Device until their expiry date or until you delete them (e.g., by deleting your browsing history, or by specifically deleting cookies through your browser settings). For specific cookie storage times, please see the Cookie Table.
|Cookie name||Information||Validity period|
You may call your consent off anytime, e.g., by deleting Cookies.
7.6. Browser Settings.
If you wish, you can configure the settings of your device's browser which you are using to view the Website to enable or disable or delete Cookies.
To delete saved Cookies, use the links below to get instructions for your browser:
Chrome browser settings link;
Firefox browser settings link;
InternetExplorer browser settings link;
Opera browser settings link;
Safari browser settings link;
8. Personal Data Retaining Period
8.1. The Airline retains Personal Data exclusively during the period to meet the purpose, excluding cases, when the Law establishes a longer period for retaining Personal Data.
9. Subjects' Personal Data Protection.
9.1. The Airline takes appropriate technical and organizational measures to protect Personal Data provided from accidental or illegal destruction, loss, modification, unauthorized disclosure or access. The processing and transfer of data through our Sites is encrypted to provide the highest possible security of data (including Personal Data) transfer between the Subject's web browser and the Airline's Internet system. The URL of a website with an SSL connection to the browser starts with "https://". Most browsers indicate SSL-encrypted websites by displaying an icon of a closed padlock. This icon can be located in the address bar or the bottom status bar. If the Subject has disabled his/her status bar, this icon may not be displayed even on websites that use SSL.
9.2. Measures necessary and sufficient to ensure the Airline's fulfillment of its obligations of a processing operator provided for by the personal data processing legislation include:
- appointing a person responsible for organizing the personal data processing at the Company;
- acceptance of any local regulations and other documents for processing and protecting personal data;
- organization of training and carrying out methodological work with employees of the Airline at positions included on the basis of the order of the Airline in the list of positions of functional areas of the Airline the replacement of which requires the processing of personal data;
- obtaining the consent of the Subjects of Personal Data to process their personal data, with the exception of cases provided for by legislation;
- segregation of personal data processed without using automatic means from other data, in particular, by recording them on separate material media for personal data and special sections;
- providing separate storage of Personal Data and its material media processed for different purposes and containing different categories of Personal data;
- storage of personal data material media in compliance with the conditions ensuring their safety and preventing unauthorized access to them;
- internal control of compliance of personal data processing with legislation;
- other measures provided by personal data processing legislation;
Measures to ensure the security of personal data when processing data in personal data information systems are established in accordance with the requirements of legislative and other regulatory legal acts regulating the security of personal data when being processed in the Airline’s personal data information systems.
9.3. A person, responsible for organizing personal data processing, in particular, is responsible for the organization of:
- internal control for the Airline's employees' compliance with personal data processing legislation, including the personal data protection requirements;
- making the Airline's employees aware of the provisions of the legislation concerning personal data, including the personal data protection requirements;
- control over the acceptance and processing of applications and requests from data subjects or their representatives.
9.4. Control over functional areas' compliance with legislation concerning personal data, including personal data protection requirements, is carried out in order to verify the compliance of the Airline's personal data processing with personal data legislation, including personal data protection requirements, as well as measures taken for the prevention and detection of violations of the personal data legislation, identification of possible data leak and unauthorized access to personal data and the remedy of the consequences of such violations.
10.2. Deputy Executive Director for Aviation Security and Occupational Safety Sergei Viktorovich Chizhov is the person responsible for the organization of Airline's personal data processing.
You may contact the person responsible for Data protection and the organization of data processing using the following contact information:
Тел: +7 918-522-24-51
10.2.1. Airline Representative in the European Union:
MarienbaderPlatz 22. 61348 Bad Homburg Deuschland. Tel.: +49 6172 6818711
For detailed contact data, please visit Airline's Website: https://azimuth.aero.
Consent to the processing, transfer of personal data
|Date of placement||Document name||Status||File size|
|18.10.2019||Consent to the processing, transfer of personal data to third parties and receipt of advertising and information messages||Valid||248 Kb|