This Privacy Statement (hereinafter referred to as the "Statement"):

• Applies to RAKETA LLC (hereinafter referred to as RAKETA), which is a data controller (in the meaning of this term given in the General Data Protection Regulation 2016/679 EC) or an operator (in the meaning of this term given in the Federal Law of the Russian Federation No. 152- FZ "On Personal Data"), registered at: 620026, Russia, Sverdlovsk region, Yekaterinburg, Yekaterinburg, Engels str., 36, office 1101;
• Determines what information about the User (hereinafter referred to as "User's Personal Data") is collected by RAKETA, and for what purposes RAKETA uses this information;
• Applies to all Contracts concluded between RAKETA and the Client/Agency;
• Defines the principles of processing the User's Personal Data.

RAKETA considers the confidentiality of information (personal data) as a fundamental principle of doing business. The data protection policy and methods are focused on the processing, transfer and storage of personal data in an appropriate and lawful manner, in order to ensure their confidentiality, integrity and accessibility.

RAKETA processes Passengers' Personal Data on the territory of the Russian Federation and the EU.

The RAKETA website and mobile application comply with the requirements of Federal Law No. 152-FZ "On Personal Data", the General Data Protection Regulation (GDPR), (Regulation (EU) 2016/679), which are binding legislative acts in the Russian Federation and the EU, respectively.

Responsible for ensuring the security of PD RAKETA continuously ensures compliance with the principles of this Regulation and considers all issues related to the protection of personal data. The contact details of the PD Security Officer, to which the Passenger can send questions and complaints related to the processing of their Personal Data, are as follows: security@raketa.travel

1. PRINCIPLES THAT GUIDE RAKETA IN THE PROCESSING OF PERSONAL DATA

RAKETA's Privacy Statement is based on the following principles:

• The collection of Personal Data is carried out only for specific, clear and legitimate purposes and does not provide for further processing of data that is incompatible with these purposes (target restriction);
• The processing of Personal Data is carried out in a lawful, fair and open manner (legality, fairness and openness);
• The collection of Personal Data is limited only to the information necessary for the purposes for which this data is collected (data minimization);
• Personal data is accurate and, if necessary, deleted or corrected without delay (accuracy);
• Personal data is stored in a form that allows identification of the data subject for the time necessary for the purposes for which this data was collected (storage restriction);
• The processing of Personal Data is carried out in a manner that ensures the appropriate security of personal data, including protection against unauthorized or illegal processing, as well as against accidental loss, damage or destruction, using appropriate technical and organizational measures (integrity and confidentiality);
• Data subjects have the right to access their Personal Data, to change or delete it, to restrict processing, to object to it, as well as the right to transfer data.

2. COLLECTION OF PERSONAL DATA

RAKETA collects the following Personal Data of Users, as well as other data related to the provision of tourist services to the user, when using the RAKETA website, mobile site and mobile applications:

• Surname;
• Name;
• Middle name;
• Email address;
• Contact phone number;
• Paul;
• Date of birth;
• Citizenship;
• Place of birth;
• Number and series of the passport of a citizen of the Russian Federation;
• Copy of the passport of a citizen of the Russian Federation;
• A copy of the passport of a citizen of the Russian Federation;
• A copy of the passport of another country;
• A copy of the birth certificate.

Some pages of RAKETA's website, mobile site and mobile application use cookies. For more information, please refer to the Cookie Policy.

3. PURPOSES OF USING USERS' PERSONAL DATA

RAKETA uses the information received from Users for the purposes of:

• User identification when the Operator communicates with the Site User;
• Marketing research and provision
• information about products and services;
• Hotel reservations;
• Purchase of Aeroexpress tickets;
• Buying plane tickets;
• Buying train tickets;
• Organization of transfers;
• Other services.

Also, Personal Data may be transferred (including as part of the cross-border transfer of Personal Data) by RAKETA to partner organizations for the purpose of booking hotels, air and railway tickets.

4. TRANSFER OF PERSONAL DATA

Personal data is not transferred to third parties, except in cases where such transfer is necessary to fulfill obligations under the Contract for the provision of tourist services to the user. RAKETA does not disclose Personal Data to third parties in order to provide an opportunity to advertise their products and services to RAKETA customers.

RAKETA may provide Clients' Personal Data in response to legitimate requests from government agencies in order to comply with the requirements set forth in applicable law, including, but not limited to, when executing court orders or during other legal procedures initiated by authorized government agencies.

5. DATA PROCESSING SECURITY

RAKETA securely processes Users' Personal Data by applying appropriate technical and organizational measures to protect Personal Data from accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure or access, in particular if the processing involves the transmission of data over the network, as well as protection from other forms of illegal use. Questions about the security of personal data can be directed to the above contact details.

6. ACCESS TO, MODIFICATION OR DELETION OF PERSONAL DATA

RAKETA users have the right to request access to their Personal Data, as well as their modification or deletion, in cases provided for by law.

In order to ensure accuracy (relevance and reliability) RAKETA recommends that Users inform us of any changes or inconsistencies in their Personal Data.

If you have any questions related to:

• Viewing and/or changing Personal Data;
• Access to Personal Data;
• Terms of Personal Data storage;
• Processing of Personal Data in the interests of a third party;

and other questions related to the processing of Personal Data, please contact the above contact details.

7. RESPONSIBILITY

RAKETA monitors compliance with the requirements of applicable legislation and the principles set forth in this Regulation and can demonstrate this at any time. RAKETA keeps records of data processing activities, including the required information, and, if necessary, is ready to provide data to supervisory authorities upon their request.

For any questions related to this Provision, you can contact the above contact details.

8. RESPONSIBILITY OF THE SYSTEM USER

The procedure for ensuring information security when working at RAKETA is determined by the head of the organization connecting to RAKETA, based on recommendations on organizational and technical protection measures set out in the document "Rules for ensuring information security at the workplace", as well as current Russian legislation in the field of information protection.

9. COMPLAINTS

Users have the right to file a complaint regarding the processing of their Personal Data. All complaints and requests are promptly considered in compliance with internal regulations.

Complaints can be sent to the above contact details.

10. MAKING CHANGES TO THE REGULATION

RAKETA reserves the right to make changes to the Regulations from time to time, and hereby warns the User (and the User hereby accepts and agrees) that with each new operation, the Passenger must review these Terms and Conditions for changes made to them.