Privacy Policy

Privacy Policy

Purpose of the policy is to declare the principles and approaches of JSC NordStar Airlines in implementation of requirements of Federal Law No. 152-FZ of 27 June 2006 “On Personal Data” regarding processing and security of personal data, duties and liability of the Airline in performance of such processing.

JSC NordStar Airlines ensures complete observance of rights and freedoms of citizens in the processing of personal data, including protection of privacy rights, personal and family secrets.

In the processing of personal data in the Airline, the following principles are strictly observed:

• processing of personal data inconsistent with the purposes of collection of personal data is not allowed;
• processing of personal data that do not answer the purposes of processing is not allowed;
• content and composition of the personal data processed in the Airline complies with the stated purposes of processing;
• in the processing of personal data, accuracy, sufficiency and, if necessary, relevance of personal data is ensured;
• personal data are retained for a period not exceeding the period prescribed by the purposes of the personal data processing, as well as federal laws and contracts, party to which, or beneficiary or guarantor under which is the personal data subject;
• processing of personal data is performed in compliance with the principles and rules stipulated by the legislation of the Russian Federation.

Subjects of personal data processed by the Airline are:

• candidates for employment;
• employees;
• representatives of counterparties;
• customers (both individuals and legal entities).

Purposes of processing of personal data in the Airline are:

• organization of the Airline personnel record keeping for ensuring of compliance with the laws and other regulations, assistance to the employee in employment, training, promotion, use of various types of benefits in accordance with the Labor Code of the Russian Federation, Tax Code of the Russian Federation, federal laws, in particular: Federal Law of 1 April 1996 No. 27-FZ «On Individual (Personified) Registration with the System of Mandatory Pension Insurance»;
• conclusion and execution of contracts, fulfillment of requirements of the legislation of the Russian Federation, conducting of marketing research and rendering of services.

Access to personal data is limited in accordance with federal laws and local regulations of the Airline.

The Airline does not disclose personal data received by it as a result of its professional activities.

Employees of the Airline, who have access to personal data, assume obligations on ensuring confidentiality of the personal data processed that are defined by:

• employment agreement;
• instructions with regard to the personal data security.

Access to personal data processed by the Airline on the basis and in the pursuance of regulations is provided to public authorities upon request.

The Airline performs cross-border transfer of personal data in the territory of foreign states only on legal grounds in accordance with the applicable legislation of the Russian Federation and International Agreements. In addition, all requirements for performance of cross-border transfer of personal data provided by the applicable legislation are fulfilled.

The Airline undertakes necessary technical and organizational measures of information security for protection of personal data against unauthorized access, modification, disclosure or destruction by way of internal audits of processes of collection, storage and processing of data and security measures, and by implementation of measures aimed at ensuring physical security of data for prevention of unauthorized access to the systems, where personal data are stored by the Airline.

The Airline takes reasonable measures for maintenance of accuracy and relevance of existing personal data and for deletion of personal data in cases where they become obsolete, unreliable or redundant, or if objectives of processing thereof are achieved. Subjects of personal data are responsible for providing to the Airline of reliable information, as well as for timely updating of the provided data in case of any changes.

If the subject of personal data states his/her willingness to find out, what personal data about him/her the Airline has at its disposal, as well as to supplement, correct, impersonate or delete any incomplete, inaccurate or obsolete personal data, or stop processing of his/her personal data by the Airline, the subject has the right in accordance with the applicable legislation to exercise such a right by contacting the Airline.

In order to fulfill requests from subjects of personal data the Airline may require establishment of identity and request additional information confirming the subject’s participation in the relations with the Airline, or information otherwise confirming the fact of processing of personal data by the Airline. In addition, the applicable legislation may impose restrictions and other conditions relating to the above rights of subjects of personal data.

If the subject has additional questions or suggestions regarding this Policy, he/she can contact the Airline at any time at the following address: pdn@nordstar.ru