Personal data processing policy
The policy of Volga-Dnepr Airlines LLC has been developed in accordance with the current legislation of the Russian Federation in order to ensure the protection of the rights and freedoms of the subject of personal data.
Implementing the Personal Data Processing Policy, Volga-Dnepr Airlines LLC, with the consent of the personal data subject, processes public and other personal data. The categories of personal data subjects include: employees, former employees, relatives of employees, candidates for filling vacant positions, clients and counterparties (individuals), employees of counterparties (legal entities).
The main purposes of collecting personal data:
- Conducting personnel work and organization of accounting of Employees of Volga-Dnepr Airlines LLC.
- Carrying out administrative and economic activities by Volga-Dnepr Airlines LLC.
- Recruiting and selecting Candidates for work at Volga-Dnepr Airlines LLC
- Conclusion of any agreements with the PD Subject and their further execution.
- Formation of statistical reporting.
- Fulfillment of obligations to the subject of personal data on business trips.
- Regulation of labor and other relations directly related to them.
- Implementation of other rights and legitimate interests in the framework of the implementation of activities provided for by the Charter and other local regulations of the Company, or the achievement of socially significant goals.
Fundamental principles of personal data processing:
- Processing of personal data is carried out exclusively on legal grounds and only with the consent of the subject of personal data, except as expressly provided by law.
- The processing of personal data is carried out solely for the achievement of the stated purposes.
- The content and scope of the processed personal data correspond to the stated purposes of processing.
- The processed personal data should not be excessive in relation to the declared purposes of their processing.
- When processing personal data, their accuracy, sufficiency, and, in necessary cases, relevance in relation to the purposes of their processing are ensured.
- The storage of personal data is carried out in a form that allows you to determine the subject of personal data, no longer than required by the purposes of processing personal data.
- Ensuring the confidentiality and security of processed personal data.
Principles in relation to personnel:
- The staff of Volga-Dnepr Airlines is a key element in the personal data processing system.
- Each Employee of Volga-Dnepr Airlines participates in the implementation of this Policy.
- Each employee of Volga-Dnepr Airlines is personally responsible for the safety and confidentiality of personal data, as well as the carriers of this information.
Personal data operator in accordance with the principles of personal data protection:
- Publishes this Policy on the official website of Volga-Dnepr Airlines, providing seamless access to it for an unlimited number of persons.
- Provides the possibility for the subject of personal data to clarify their personal data, require their blocking or destruction if the personal data is incomplete, outdated, inaccurate, illegally obtained or not necessary for the stated purpose of processing, as well as accept other stipulated legal measures to protect their rights.
- Takes organizational, legal and technical measures to ensure the security of personal data during their processing in personal data information systems in accordance with the requirements for personal data security levels established by the legislation of the Russian Federation.
- Issues local acts that define the policy regarding the processing of personal data, as well as local acts that establish procedures aimed at preventing and detecting violations of the legislation of the Russian Federation regarding the processing of personal data and eliminating the consequences of such violations.
- Takes the necessary legal, organizational, and technical measures or ensures their adoption to protect personal data from unauthorized or accidental access to them, destruction, modification, blocking, copying, provision, distribution of personal data, as well as from other illegal actions in relation to personal data.
- Does not allow disclosure to third parties and distribution of personal data without the consent of the subject of personal data, unless otherwise provided by federal law.
- Appoints persons responsible for organizing the processing of personal data from among its employees, familiarizes employees directly involved in the processing of personal data with the provisions of the legislation of the Russian Federation on personal data and monitors the measures taken to ensure the security of personal data and protect information personal data systems.
- Carries out internal control and (or) audit of compliance of personal data processing with the requirements of the current legislation.
- Carries out interaction with state authorities on the protection of personal data.