Personal Data Processing Policy
This Personal Data Processing Policy (the “Policy”) has been drafted in accordance with Federal law of the Russian Federation “On Personal Data” (July 27, 2006, No. 152-FZ) (the “Personal Data Law”) and defines the procedure for processing personal data and the measures adopted by “Rich Travel Group” LLC (the “Operator”) to ensure their security.
1.1. The Operator’s foremost goal and prerequisite for conducting its activities is to uphold the rights and freedoms of individuals when processing their personal data, including the right to privacy and the inviolability of personal and family life.
1.2. This Policy applies to all information the Operator may obtain about visitors to the website https://africanland.ae/.
1.1. The Operator’s foremost goal and prerequisite for conducting its activities is to uphold the rights and freedoms of individuals when processing their personal data, including the right to privacy and the inviolability of personal and family life.
1.2. This Policy applies to all information the Operator may obtain about visitors to the website https://africanland.ae/.
2.1. Automated processing of personal data – the handling of personal data by means of computer technologies.
2.2. Blocking of personal data – the temporary cessation of personal-data processing (except where continued processing is required to clarify the data).
2.3. Website – a collection of graphic and informational materials, together with software and databases, made available on the Internet at https://africanland.ae/.
2.4. Personal-data information system – a set of personal data contained in databases, along with the information technologies and technical facilities that enable their processing.
2.5. Anonymization of personal data – actions that make it impossible, without additional information, to determine to which User or other data subject the personal data belong.
2.6. Processing of personal data – any operation or set of operations performed with or without automation on personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, modification), retrieval, use, transfer (distribution, provision, access), anonymization, blocking, deletion, and destruction.
2.7. Operator – a state or municipal authority, legal entity, or individual who, independently or jointly with others, organizes or carries out personal-data processing and determines the purposes of such processing, the scope of personal data to be processed, and the actions (operations) performed with the data.
2.8. Personal data – any information that relates, directly or indirectly, to an identified or identifiable User of the website https://africanland.ae/.
2.9. Personal data made publicly available by the data subject – personal data to which an unlimited number of persons are granted access by the data subject’s consent in accordance with the Personal Data Law (hereinafter “personal data permitted for dissemination”).
2.10. User – any visitor to the website https://africanland.ae/.
2.11. Provision of personal data – actions aimed at disclosing personal data to a specific person or a specific group of persons.
2.12. Dissemination of personal data – any actions aimed at disclosing personal data to an indefinite circle of persons (the transfer of personal data) or at making personal data available to an indefinite circle of persons, including publication in the mass media, posting in information and telecommunication networks, or providing access to personal data in any other manner.
2.13. Cross-border transfer of personal data – the transfer of personal data to the territory of a foreign state, to a foreign government body, or to a foreign individual or legal entity.
2.14. Destruction of personal data – any actions that irreversibly eliminate personal data, making it impossible to restore their content within the personal-data information system or that destroy the physical media on which the data are stored.
2.2. Blocking of personal data – the temporary cessation of personal-data processing (except where continued processing is required to clarify the data).
2.3. Website – a collection of graphic and informational materials, together with software and databases, made available on the Internet at https://africanland.ae/.
2.4. Personal-data information system – a set of personal data contained in databases, along with the information technologies and technical facilities that enable their processing.
2.5. Anonymization of personal data – actions that make it impossible, without additional information, to determine to which User or other data subject the personal data belong.
2.6. Processing of personal data – any operation or set of operations performed with or without automation on personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, modification), retrieval, use, transfer (distribution, provision, access), anonymization, blocking, deletion, and destruction.
2.7. Operator – a state or municipal authority, legal entity, or individual who, independently or jointly with others, organizes or carries out personal-data processing and determines the purposes of such processing, the scope of personal data to be processed, and the actions (operations) performed with the data.
2.8. Personal data – any information that relates, directly or indirectly, to an identified or identifiable User of the website https://africanland.ae/.
2.9. Personal data made publicly available by the data subject – personal data to which an unlimited number of persons are granted access by the data subject’s consent in accordance with the Personal Data Law (hereinafter “personal data permitted for dissemination”).
2.10. User – any visitor to the website https://africanland.ae/.
2.11. Provision of personal data – actions aimed at disclosing personal data to a specific person or a specific group of persons.
2.12. Dissemination of personal data – any actions aimed at disclosing personal data to an indefinite circle of persons (the transfer of personal data) or at making personal data available to an indefinite circle of persons, including publication in the mass media, posting in information and telecommunication networks, or providing access to personal data in any other manner.
2.13. Cross-border transfer of personal data – the transfer of personal data to the territory of a foreign state, to a foreign government body, or to a foreign individual or legal entity.
2.14. Destruction of personal data – any actions that irreversibly eliminate personal data, making it impossible to restore their content within the personal-data information system or that destroy the physical media on which the data are stored.
3.1 The Operator has the right to:
– Obtain from the data subject accurate information or documents containing personal data;
– Continue processing personal data without the subject’s consent if the subject withdraws consent or demands that processing cease, provided the grounds set out in the Personal Data Law apply;
– Independently determine the scope and list of measures necessary and sufficient to fulfill the obligations established by the Personal Data Law and related regulations, unless otherwise required by the Personal Data Law or other federal statutes.
3.2 The Operator shall:
– Provide the data subject, upon request, with information concerning the processing of his or her personal data;
– Organize personal-data processing in accordance with current Russian legislation;
– Respond to inquiries and requests from data subjects and their legal representatives in compliance with the Personal Data Law;
– Furnish the authorized body for the protection of personal-data subjects’ rights with the requested information within ten days of receiving such a request;
– Publish this Personal Data Processing Policy or otherwise ensure unrestricted access to it;
– Adopt legal, organizational, and technical measures to safeguard personal data from unauthorized or accidental access, destruction, modification, blocking, copying, provision, dissemination, and any other unlawful actions;
– Cease the transfer (dissemination, provision, access) of personal data, halt processing, and destroy the data in the manner and circumstances prescribed by the Personal Data Law;
– Fulfill any other obligations set forth in the Personal Data Law.
– Obtain from the data subject accurate information or documents containing personal data;
– Continue processing personal data without the subject’s consent if the subject withdraws consent or demands that processing cease, provided the grounds set out in the Personal Data Law apply;
– Independently determine the scope and list of measures necessary and sufficient to fulfill the obligations established by the Personal Data Law and related regulations, unless otherwise required by the Personal Data Law or other federal statutes.
3.2 The Operator shall:
– Provide the data subject, upon request, with information concerning the processing of his or her personal data;
– Organize personal-data processing in accordance with current Russian legislation;
– Respond to inquiries and requests from data subjects and their legal representatives in compliance with the Personal Data Law;
– Furnish the authorized body for the protection of personal-data subjects’ rights with the requested information within ten days of receiving such a request;
– Publish this Personal Data Processing Policy or otherwise ensure unrestricted access to it;
– Adopt legal, organizational, and technical measures to safeguard personal data from unauthorized or accidental access, destruction, modification, blocking, copying, provision, dissemination, and any other unlawful actions;
– Cease the transfer (dissemination, provision, access) of personal data, halt processing, and destroy the data in the manner and circumstances prescribed by the Personal Data Law;
– Fulfill any other obligations set forth in the Personal Data Law.
4.1. Personal data subjects have the right to:
– Obtain information regarding the processing of their personal data, except in cases specified by federal law. Such information is provided by the Operator in an accessible form and must not include personal data relating to other subjects unless there are legal grounds for disclosure. The list of information and the procedure for obtaining it are set out in the Personal Data Law;
– Demand that the Operator clarify, block, or destroy their personal data if the data are incomplete, outdated, inaccurate, unlawfully obtained, or unnecessary for the stated purpose of processing, and to take the legal measures available to protect their rights;
– Require prior consent for the processing of their personal data for the purpose of marketing goods, works, or services;
– Withdraw consent to the processing of personal data and demand that processing cease;
– Complain to the authorized body for the protection of personal-data subjects’ rights or to a court about unlawful actions or inaction by the Operator in processing their personal data;
– Exercise any other rights provided for by Russian law.
4.2. Personal data subjects must:
– Provide the Operator with accurate information about themselves;
– Inform the Operator of any updates or changes to their personal data.
4.3. Persons who submit inaccurate information about themselves to the Operator, or information about another personal data subject without that subject’s consent, bear liability in accordance with Russian law.
– Obtain information regarding the processing of their personal data, except in cases specified by federal law. Such information is provided by the Operator in an accessible form and must not include personal data relating to other subjects unless there are legal grounds for disclosure. The list of information and the procedure for obtaining it are set out in the Personal Data Law;
– Demand that the Operator clarify, block, or destroy their personal data if the data are incomplete, outdated, inaccurate, unlawfully obtained, or unnecessary for the stated purpose of processing, and to take the legal measures available to protect their rights;
– Require prior consent for the processing of their personal data for the purpose of marketing goods, works, or services;
– Withdraw consent to the processing of personal data and demand that processing cease;
– Complain to the authorized body for the protection of personal-data subjects’ rights or to a court about unlawful actions or inaction by the Operator in processing their personal data;
– Exercise any other rights provided for by Russian law.
4.2. Personal data subjects must:
– Provide the Operator with accurate information about themselves;
– Inform the Operator of any updates or changes to their personal data.
4.3. Persons who submit inaccurate information about themselves to the Operator, or information about another personal data subject without that subject’s consent, bear liability in accordance with Russian law.
5.1 Personal data are processed on a lawful and fair basis.
5.2 Processing is limited to achieving specific, pre-defined, and legitimate purposes; processing incompatible with the purposes for which the data were collected is not permitted.
5.3 Databases containing personal data processed for incompatible purposes may not be merged.
5.4 Only personal data relevant to the stated purposes are subject to processing.
5.5 The content and scope of processed personal data must correspond to the declared purposes; excessive data relative to those purposes are not allowed.
5.6 During processing, the accuracy, sufficiency, and, when necessary, currency of personal data must be ensured. The Operator shall take, or ensure the taking of, necessary measures to delete or correct incomplete or inaccurate data.
5.7 Personal data shall be stored in a form that enables identification of the data subject for no longer than required to achieve the processing purposes, unless a longer period is set by federal law or by a contract to which the data subject is a party, beneficiary, or guarantor. Once the purposes have been achieved, or when they are no longer needed, the personal data must be destroyed or anonymized unless otherwise provided by federal law.
5.2 Processing is limited to achieving specific, pre-defined, and legitimate purposes; processing incompatible with the purposes for which the data were collected is not permitted.
5.3 Databases containing personal data processed for incompatible purposes may not be merged.
5.4 Only personal data relevant to the stated purposes are subject to processing.
5.5 The content and scope of processed personal data must correspond to the declared purposes; excessive data relative to those purposes are not allowed.
5.6 During processing, the accuracy, sufficiency, and, when necessary, currency of personal data must be ensured. The Operator shall take, or ensure the taking of, necessary measures to delete or correct incomplete or inaccurate data.
5.7 Personal data shall be stored in a form that enables identification of the data subject for no longer than required to achieve the processing purposes, unless a longer period is set by federal law or by a contract to which the data subject is a party, beneficiary, or guarantor. Once the purposes have been achieved, or when they are no longer needed, the personal data must be destroyed or anonymized unless otherwise provided by federal law.
Processing purpose
informing the User by sending email messages
Personal data involved
Second name, First name, Patronymic
Email
Phone numbers
Legal grounds
the Operator’s charter and founding documents
contracts concluded between the Operator and the data subject
Types of processing
Collection, recording, systematization, accumulation, storage, destruction, and anonymization of personal data
Dispatch of informational emails to the user
Contacting clients to provide advice on current tours, offers, and travel prices.
informing the User by sending email messages
Personal data involved
Second name, First name, Patronymic
Phone numbers
Legal grounds
the Operator’s charter and founding documents
contracts concluded between the Operator and the data subject
Types of processing
Collection, recording, systematization, accumulation, storage, destruction, and anonymization of personal data
Dispatch of informational emails to the user
Contacting clients to provide advice on current tours, offers, and travel prices.
7.1. Personal data are processed with the data subject’s consent.
7.2. Processing is required to achieve goals set by an international treaty of the Russian Federation or by law, or to enable the Operator to perform functions, powers, and duties imposed by Russian legislation.
7.3. Processing is necessary for the administration of justice, execution of a court judgment, or enforcement of an act issued by another body or official in accordance with Russian enforcement-proceedings law.
7.4. Processing is necessary for the performance of a contract to which the data subject is a party, beneficiary, or guarantor, or for entering into a contract at the data subject’s initiative, or a contract under which the data subject will be a beneficiary or guarantor.
7.5. Processing is necessary to protect the rights and legitimate interests of the Operator or third parties, or to achieve socially significant objectives, provided that the data subject’s rights and freedoms are not infringed.
7.6. Processing is carried out on personal data that the data subject has made available to an unlimited number of persons, or has requested be made public (“publicly available personal data”).
7.7. Processing is carried out on personal data that must be published or disclosed under federal law.
7.2. Processing is required to achieve goals set by an international treaty of the Russian Federation or by law, or to enable the Operator to perform functions, powers, and duties imposed by Russian legislation.
7.3. Processing is necessary for the administration of justice, execution of a court judgment, or enforcement of an act issued by another body or official in accordance with Russian enforcement-proceedings law.
7.4. Processing is necessary for the performance of a contract to which the data subject is a party, beneficiary, or guarantor, or for entering into a contract at the data subject’s initiative, or a contract under which the data subject will be a beneficiary or guarantor.
7.5. Processing is necessary to protect the rights and legitimate interests of the Operator or third parties, or to achieve socially significant objectives, provided that the data subject’s rights and freedoms are not infringed.
7.6. Processing is carried out on personal data that the data subject has made available to an unlimited number of persons, or has requested be made public (“publicly available personal data”).
7.7. Processing is carried out on personal data that must be published or disclosed under federal law.
The security of personal data processed by the Operator is ensured through the legal, organizational, and technical measures required to fully comply with current personal-data protection legislation.
8.1. The Operator safeguards personal data and takes every possible step to prevent unauthorized access.
8.2. A User’s personal data will never, under any circumstances, be passed to third parties except as required by law or when the data subject has consented to the transfer so that obligations under a civil-law contract can be fulfilled.
8.3. If any personal data prove inaccurate, the User may update them by emailing the Operator at sales@africanland.ae with “Personal-data update” in the subject line.
8.4. Personal data are processed only for as long as needed to achieve the purposes for which they were collected, unless a different period is set by contract or by law. The User may withdraw consent at any time by emailing the Operator at sales@africanland.ae with “Withdrawal of consent to personal-data processing” in the subject line.
8.5. All information collected by third-party services-such as payment systems, communications providers, and other suppliers-is stored and processed by those parties in accordance with their own user agreements and privacy policies. The data subject should familiarize himself or herself with those documents. The Operator is not responsible for the actions of third parties, including the service providers mentioned in this clause.
8.6. Restrictions imposed by the data subject on the transfer (other than granting access), processing, or conditions of processing of personal data made public by the data subject do not apply when the data are processed for state, public, or other socially significant purposes defined by Russian law.
8.1. The Operator safeguards personal data and takes every possible step to prevent unauthorized access.
8.2. A User’s personal data will never, under any circumstances, be passed to third parties except as required by law or when the data subject has consented to the transfer so that obligations under a civil-law contract can be fulfilled.
8.3. If any personal data prove inaccurate, the User may update them by emailing the Operator at sales@africanland.ae with “Personal-data update” in the subject line.
8.4. Personal data are processed only for as long as needed to achieve the purposes for which they were collected, unless a different period is set by contract or by law. The User may withdraw consent at any time by emailing the Operator at sales@africanland.ae with “Withdrawal of consent to personal-data processing” in the subject line.
8.5. All information collected by third-party services-such as payment systems, communications providers, and other suppliers-is stored and processed by those parties in accordance with their own user agreements and privacy policies. The data subject should familiarize himself or herself with those documents. The Operator is not responsible for the actions of third parties, including the service providers mentioned in this clause.
8.6. Restrictions imposed by the data subject on the transfer (other than granting access), processing, or conditions of processing of personal data made public by the data subject do not apply when the data are processed for state, public, or other socially significant purposes defined by Russian law.
9.1 The Operator collects, records, systematizes, accumulates, stores, updates (renews, amends), retrieves, uses, transfers (distributes, provides, grants access to), anonymizes, blocks, deletes, and destroys personal data.
9.2 The Operator conducts automated processing of personal data with or without the receipt and/or transmission of the resulting information via telecommunications networks.
9.2 The Operator conducts automated processing of personal data with or without the receipt and/or transmission of the resulting information via telecommunications networks.
10.1 Before commencing any cross-border transfer of personal data, the Operator must notify the authorized body for the protection of data-subjects’ rights of its intention to do so; this notice is submitted separately from the general notification of personal-data processing.
10.2 Prior to filing this notice, the Operator must obtain the relevant information from the foreign state authorities, foreign individuals, or foreign legal entities to whom the personal data are to be transferred.
10.2 Prior to filing this notice, the Operator must obtain the relevant information from the foreign state authorities, foreign individuals, or foreign legal entities to whom the personal data are to be transferred.
The Operator and any other parties with access to personal data must not disclose or disseminate them to third parties without the data subject’s consent unless federal law provides otherwise.
12.1 The User may request clarification on any aspect of personal-data processing by emailing the Operator at sales@africanland.ae.
12.2 Any changes to this Policy will be reflected in this document. The Policy remains in force indefinitely until replaced by a new version.
12.3 The current version of the Policy is publicly available at https://africanland.ae/privacy.
12.2 Any changes to this Policy will be reflected in this document. The Policy remains in force indefinitely until replaced by a new version.
12.3 The current version of the Policy is publicly available at https://africanland.ae/privacy.