Our hotels value the trust of their Guests and Partners
Therefore, in this document published on our website, you can see comprehensive information about the personal data of our guests is collected and how this information is used by us.
Our hotels guarantee that personal data received from a guest is processed in accordance with and in order to comply with Federal Law No. 152-FZ “On Personal Data” (dated July 27, 2006), laws and regulations on migration registration of Russian citizens and foreign citizens , ensuring the safety of hotel property and hotel services; using all necessary organizational and technical measures to ensure the security of personal data within the competence of the hotel, in order to avoid any changes, loss, illegal use and unauthorized access.
Our hotels are responsible for the proper confidential handling of guest data transmitted in particular to bookings via the Internet.
Using the hotel website, room reservation, newsletter
You can use our site without providing any information about your identity, i.e. Anonymous viewing of hotel offers is possible. You can receive information about prices, descriptions of our hotels and their services, view our special offers. In order to successfully book a room for certain dates, you will need contact details that will allow hotel staff to send you a confirmation in response, and then you can confidently use our services.
Our hotels do not share the personal data of guests with third parties.
In case of booking a room, the following information is stored: name and surname, address, phone number, email address, dates of booking the room, arrival and departure times, as well as “additional information for the Hotel” (if you have entered it). The time of booking and the IP address from which the reservation was made are also recorded.
In order to provide a hotel service, your data is used to uniquely identify once your reservation, its execution and calculations on it. In addition to confirming your reservation, you may receive all changes to your reservations or your details.
At the time of arrival and registration at the hotel, you enter into an agreement to use your personal data for specific limited purposes. After leaving the hotel and with your consent, you will be able to receive and use to your advantage special offers of the hotel. The hotel will only use your email address and will only inform you of its own offers. Without giving your consent, you, of course, will not be able to receive information about prices that are favorable to you. If you unsubscribe from the newsletter, your email address will be removed from the recipient list. At any time, these actions on the part of the Hotel will be stopped on the basis of a written application received from you with a request to stop processing your personal data from the date of receipt of your application by the hotel.
Transfer of data to third parties
Our hotels do not store, sell or transfer to third parties personal data of guests, unless the provision of information is a special obligation in accordance with the law of the Russian Federation. Respect for personal information is part of the corporate ethics of the hotel.
Your right to receive information
In accordance with the law on the protection of personal information, you are granted the right to receive information about your stored data, as well as, if necessary, the right to correct, block or delete this data.
Please send your questions, complaints and statements regarding the collection, processing or use of personal data to the hotels indicated on the MINIMA — Hotels website.
In the process of reviewing your personal written request, our hotels guarantee the confidentiality of the information you provide.
On the processing and protection of personal data of customers residing in the MINIMA — Hotels hotel chain
1. General Provisions
1.1. These Regulations are governed by the Constitution of the Russian Federation, the Federal Law “On Information, Information Technologies and Information Protection” N 149-ФЗ dated 07/27/2006, the Federal Law “On Personal Data” N 152-ФЗ dated 07/27/2006 and other regulatory legal acts.
1.2. The basic concepts used in the Regulation: – hotel – an organization that provides hotel services to a client; – client – an individual, a consumer of hotel services, a subject of personal data; – hotel services – the actions of the Hotel to accommodate Customers in the accommodation facility, as well as other activities related to accommodation and accommodation, which includes basic and additional services provided to the Client; – personal data – information stored in any format relating to a specific person (subject to personal data) defined or determined on the basis of such information, which alone or in combination with other information available to the Hotel allows the identification of the Client; – processing of personal data – actions (operations) with personal data, including collection, systematization, accumulation, storage, updating (updating, changing), use, distribution (including transfer), depersonalization, blocking, destruction of personal data; – dissemination of personal data – actions aimed at transferring personal data to a certain circle of persons (transfer of personal data) or at acquainting with personal data of an unlimited circle of persons, including disclosing personal data in the media, posting on information and telecommunication networks or providing access personal data in any other way; – the use of personal data – actions (operations) with personal data performed by the operator in order to make decisions or take other actions that give rise to legal consequences in relation to the subject of personal data or other persons or otherwise affect the rights and freedoms of the subject of personal data or other persons; – confidentiality of personal data – a requirement for the operator or other person who has gained access to personal data to comply with the requirement not to allow their dissemination without the consent of the subject of personal data or the presence of any other legal basis.
1.3. This Regulation establishes the procedure for processing personal data of Clients for whom the Hotel provides a full range of services for the accommodation at the hotel.
1.4. The purpose of the Regulation is to ensure the protection of the rights and freedoms of man and citizen in the processing of his personal data.
1.5. Personal data is processed in order to fulfill the contract for the provision of accommodation or temporary accommodation services, of which the Client is one of the parties. The hotel collects data only to the extent necessary to achieve the named goal.
1.6. Personal data cannot be used for the purpose of causing property and moral harm to citizens, or hindering the exercise of the rights and freedoms of citizens of the Russian Federation.
1.7. These Regulations are approved by the General Director and are binding on all employees who have access to the personal data of the Client.
2. Composition and receipt of personal data of customers
2.1. Personal data collected and processed by the Hotel include:
– personal data (last name, first name, middle name, day, month, year of birth, etc.);
– Passport data;
– Registration address;
– Residence address.
2.2. Hotel employees receive all personal data directly from the personal data subject – Clients.
3. Processing and storage of personal data of customers
3.1 The processing of personal data by the Hotel in the interests of the Customers consists in receiving, systematizing, accumulating, storing, updating (updating, changing), using, distributing, depersonalizing, blocking, destroying and protecting against unauthorized access to the personal data of the Customers.
3.2. Consent of Clients to the processing of personal data is not required, since the processing of personal data is carried out in order to fulfill the contract, one of the parties of which is the subject of personal data – the Client.
3.3. Processing of personal data of customers is carried out by the method of mixed processing.
3.4. Only Hotel employees authorized to work with the Client’s personal data and signed the Non-disclosure Agreement for the Client’s personal data may have access to the processing of personal data of Clients.
3.5. The list of Hotel employees with access to personal data of Clients is determined by order of the General Director.
3.6. Clients’ personal data on paper is stored in premises that provide protection against unauthorized access.
3.7. The personal data of the Clients are electronically stored in the local computer network of the Hotel, in electronic folders and files in the personal computers of employees authorized to process the personal data of the Clients.
4. Use and transfer of personal data of customers
4.1. The use of the Customer’s personal data is carried out by the Hotel solely for the achievement of the goals defined by the contract between the Customer – the Hotel, in particular, to provide accommodation or temporary accommodation services, as well as additional services.
4.2. When transmitting personal data of Clients, the Hotel must comply with the following requirements:
4.2.1. To warn persons receiving personal data of Clients that these data can only be used for the purposes for which they are communicated, and to require confirmation from these persons that this rule has been observed. Persons receiving personal data of customers are required to comply with confidentiality. This provision does not apply in case of depersonalization of personal data and in relation to publicly available data.
4.2.2. Allow access to the personal data of Clients only to specially authorized persons, while these persons should be entitled to receive only those personal data that are necessary to perform specific functions.
4.2.3. When cross-border transfer of personal data, the Hotel must make sure that the foreign state in whose territory the transfer of personal data is carried out provides adequate protection of the rights of subjects of personal data.
4.2.4. Cross-border transfer of personal data on the territory of foreign states that do not provide adequate protection of the rights of subjects of personal data may be carried out in the following cases: – if the Client has written consent; – provided for by international treaties of the Russian Federation on the issue of visas, international treaties of the Russian Federation on the provision of legal assistance in civil, family and criminal matters, as well as international treaties of the Russian Federation on readmission; – provided for by federal laws, if necessary in order to protect the foundations of the constitutional system of the Russian Federation, to ensure the country’s defense and state security; – execution of an agreement to which the subject of personal data is a party; – protection of life, health, other vital interests of the subject of personal data or other persons if it is impossible to obtain written consent of the subject of personal data.
4.3. It is not allowed to answer questions related to the transfer of information containing personal data by phone or fax.
4.4. The Hotel has the right to provide or transfer personal data of Clients to third parties in the following cases:
– If the disclosure of this information is required to comply with the law, the execution of a judicial act;
– To assist in investigations carried out by law enforcement or other government agencies;
– To protect the legal rights of the Client and the Hotel.
Protection of Clients personal data from unauthorized access
5. Protection of Clients personal data from unauthorized access
5.1. When processing personal data of Clients, the Hotel is obliged to take the necessary organizational and technical measures to protect personal data from unauthorized or accidental access to it, destruction, modification, blocking, copying, distribution of personal data, as well as from other illegal actions
5.2. To effectively protect the personal data of customers, it is necessary:
5.2.1. Comply with the procedure for receiving, recording and storing Clients personal data;
5.2.2. Apply technical means of protection, signaling;
5.2.3. Conclude an Agreement on non-disclosure of personal data of the Client with all employees associated with the receipt, processing and protection of personal data of the Client;
5.2.4. Bring to disciplinary action employees guilty of violating the rules governing the receipt, processing and protection of personal data of the Client.
5.3. Access to the personal data of Clients of Hotel employees who do not have properly designed access is prohibited.
5.4. Documents containing personal data of Clients are stored in premises that provide protection against unauthorized access.
5.5. Access to electronic databases containing personal data of customers is protected by: – using licensed software products that prevent unauthorized third parties from accessing personal data of customers; – password system. Passwords are set by the system administrator and communicated individually to employees who have access to personal data of customers.
5.6. Copying and extracting personal data of the Client is allowed solely for official purposes with the written permission of the head.
6. Responsibilities of the Hotel
6.1. The hotel is obliged:
6.1.1. To process the personal data of customers solely for the purpose of providing legitimate services to customers.
6.1.2. Receive personal data of the Client directly from him. If the Client’s personal data can only be obtained from a third party, the Client must be notified in advance and written consent must be obtained from him. Hotel employees must inform the Customers about the goals, the alleged sources and methods of obtaining personal data, as well as the nature of the personal data to be received and the consequences of the client’s refusal to give written consent to receive it.
6.1.3. Do not receive or process the personal data of the Client about his racial, national affiliation, political views, religious or philosophical beliefs, state of health, intimate life, except as otherwise provided by law.
6.1.4. Provide access to your personal data to the Client or his legal representative upon request or upon receipt of a request containing the number of the main document proving the identity of the Client or his legal representative, information on the date of issue of the said document and the authority that issued it and the personal signature of the Client or his legal representative. The request may be sent in electronic form and signed by an electronic digital signature in accordance with the legislation of the Russian Federation. Information on the availability of personal data should be provided to the Client in an accessible form and they should not contain personal data relating to other personal data subjects.
6.1.5. Limit the right of the Client to access his personal data if:
1) The processing of personal data, including personal data obtained as a result of operational search, counterintelligence and intelligence activities, is carried out for the purpose of defending the country, state security and law enforcement;
2) The processing of personal data is carried out by the authorities that detained the subject of personal data on suspicion of committing a crime or charged the subject of personal data with a criminal case, or applied a measure of restraint to the subject of personal data before bringing charges, with the exception of cases provided for by the criminal procedure legislation of the Russian Federation if it is allowed to familiarize the suspect or accused with such personal data;
3) The provision of personal data violates the constitutional rights and freedoms of others.
6.1.6. To ensure storage and protection of the Client’s personal data from unlawful use or loss thereof.
6.1.7. In the event that the operator reveals inaccurate personal data or unlawful actions with them when contacting at the request of the personal data subject or his legal representative or the authorized body for the protection of the rights of personal data subjects, the operator is obliged to block personal data related to the relevant personal data subject from the moment of such contacting or receiving such a request for the verification period.
6.1.8. In case of confirmation of the fact of unreliability of personal data, the operator is obliged to clarify personal data and remove their blocking on the basis of documents submitted by the personal data subject or his legal representative or the authorized body for the protection of the rights of personal data subjects, or other necessary documents.
6.1.9. In the event that unlawful actions with personal data are detected, the operator, within a period not exceeding three business days from the date of such identification, is obliged to eliminate the violations. If it is impossible to eliminate the committed violations, the operator must destroy the personal data within a period not exceeding three business days from the date of the discovery of the illegality of actions with personal data. The operator is obliged to notify the subject of personal data or his legal representative about the elimination of the violations committed or about the destruction of personal data, and if the appeal or request was sent by the authorized body for the protection of the rights of subjects of personal data, also the specified body.
6.1.10. If the goal of processing personal data is achieved, the operator must immediately stop processing personal data and destroy the corresponding personal data within a period not exceeding three business days from the date the goal of processing personal data was achieved, otherwise provided by federal laws, and notify the subject of personal data or its legal representative, and if the appeal or request was sent by the authorized body for the protection of the rights of personal data subjects, also a decree an organ.
7. Customer Rights
The client has the right to:
– access to information about yourself, including information containing confirmation of the fact of processing personal data, as well as the purpose of such processing; personal data processing methods used by the Hotel; information about persons who have access to personal data or who may be granted such access; a list of processed personal data and the source of their receipt, the processing time for personal data, including the storage period; information on what legal consequences for the Client may entail the processing of his personal data;
– Determination of the forms and methods of processing his personal data;
– Restriction of methods and forms of processing personal data;
– Ban on the distribution of personal data without his consent;
– Change, clarification, destruction of information about oneself;
– Appeal against unlawful acts or omissions to process personal data and appropriate compensation in court.
8. Clients privacy of the personal data
8.1. Information about the personal data of customers is confidential.
8.2. The Hotel ensures the confidentiality of personal data and is obliged to prevent their distribution to third parties without the consent of the Customers or the presence of other legal grounds.
8.3. Persons having access to the personal data of Clients are required to observe the confidentiality regime; they must be warned about the need to observe the secrecy regime. In connection with the confidentiality regime of personal information, appropriate security measures should be provided to protect data from accidental or unauthorized destruction, from accidental loss, from unauthorized access to them, alteration or distribution.
8.4. All confidentiality measures during the collection, processing and storage of Clients’ personal data apply to all storage media, both paper and automated.
8.5. The confidentiality mode of personal data is removed in cases of depersonalization or inclusion in public sources of personal data, unless otherwise specified by law.
9. Responsibility for violation of the rules governing the processing of personal data of customers
9.1. The hotel is responsible for the personal information that is at its disposal and secures the personal responsibility of employees for compliance with the established confidentiality regime.
9.2. Each employee receiving a document containing the Client’s personal data for work is solely responsible for the safety of the medium and the confidentiality of information.
9.3. Any person can contact the employee of the Hotel with a complaint for violation of this Regulation. Complaints and applications regarding compliance with data processing requirements are considered within 3 business days from the date of receipt.
9.4. Hotel employees are obliged to ensure the due consideration of requests, applications and complaints of customers, as well as to facilitate the implementation of the requirements of the competent authorities.
9.5. Persons guilty of violating the rules governing the receipt, processing and protection of personal data of Clients bear disciplinary, administrative, civil or criminal liability in accordance with federal laws.