This Policy is developed in accordance with Federal Law No. 152-FZ of July 27, 2006 "On Personal Data" and other regulatory legal acts of the Russian Federation, taking into account the latest legislative amendments entering into force in 2025. The Policy defines the procedure for processing and protecting personal data, as well as measures implemented by
Fremad-Service LLC (hereinafter referred to as the “Operator”) to ensure security during such processing.
1. General Provisions1.1. The Operator processes personal data to comply with the legislation of the Russian Federation and to provide services, including tourism, informational, consulting, and related services.
1.2. This Policy applies to all personal data received by the Operator from data subjects both before and after the approval of this Policy.
1.3. The processing of personal data is carried out within the territory of the Russian Federation. Personal data of Russian citizens must be collected, systematized, stored, and processed exclusively in information systems located in the Russian Federation (data localization requirement).
1.4. Notification of the commencement of personal data processing is submitted to Roskomnadzor (the Federal Service for Supervision of Communications, Information Technology and Mass Media) in cases stipulated by law. The Operator guarantees timely fulfillment of this obligation.
2. Key Definitions2.1.
Personal Data — any information relating directly or indirectly to an identified or identifiable natural person (data subject).
2.2.
Processing of Personal Data — any action or set of actions performed with personal data, including collection, recording, systematization, accumulation, storage, clarification, extraction, use, transfer, depersonalization, blocking, deletion, or destruction.
2.3.
Operator — Fremad-Service LLC, which independently determines the purposes and means of processing personal data.
2.4.
User — any natural person who visits the website
https://fremad.ru.
2.5.
Personal Data Information System — a set of personal data contained in databases and technologies for their processing.
2.6.
Automated Processing — processing performed using computing equipment.
2.7.
Cross-border Transfer — transmission of personal data to the territory of a foreign country.
2.8.
Cookies — data automatically transmitted to the Operator during website use.
2.9.
Data Protection Officer — an employee appointed by the Operator to coordinate actions related to lawful and secure data processing.
3. Categories of Personal Data3.1. Full name
3.2. Contact details: phone number, email address
3.3. Date and place of birth
3.4. Passport and identity document data
3.5. Address of residence and registration
3.6. Information required for the processing of travel, visa, insurance, and other agreements
3.7. Depersonalized technical data: IP address, cookies, browser/device type, location data (if enabled), web analytics
4. Purposes of Personal Data Processing4.1. Conclusion, performance, and termination of agreements with data subjects
4.2. Provision of travel-related, consulting, and support services
4.3. Informing about new services, promotions, special offers, and events
4.4. Fulfillment of the Operator’s legal obligations
4.5. Improving service quality, enhancing user experience, conducting marketing analysis
4.6. Maintaining accounting, statistical, and financial reporting
5. Legal Grounds for Processing5.1. Consent of the data subject given in accordance with the applicable legal requirements
5.2. Necessity for contract execution
5.3. Legal obligation imposed on the Operator
5.4. Processing of depersonalized data based on browser settings
6. Conditions for Processing and Storage6.1. Processing is carried out in compliance with the principles outlined in Article 5 of Federal Law No. 152-FZ.
6.2. Access to data is restricted to authorized employees bound by confidentiality agreements.
6.3. Data is stored in information systems located in Russia and only for the period required to fulfill the processing purpose.
6.4. Processing may be performed using both automated and non-automated methods.
6.5. Data inaccuracies are corrected upon request by the data subject.
6.6. Data is deleted or destroyed upon achieving the processing purpose, expiration of the storage period, or request of the data subject.
6.7. In the event of a data breach, the Operator shall promptly notify Roskomnadzor and affected data subjects in accordance with legal requirements.
7. Disclosure and Transfer of Personal Data7.1. Personal data may be disclosed to third parties only in the following cases:
- With the written consent of the data subject
- For fulfillment of contractual obligations
- When required by law (e.g., court or government requests)
- To partners/contractors under confidentiality agreements
7.2. All data recipients must ensure adequate data protection in compliance with applicable legislation.
8. Cross-border Data Transfer8.1. Cross-border transfer of data is allowed only to countries that provide an adequate level of data protection.
8.2. In other cases, cross-border transfer is possible only with the data subject’s written consent or under an international agreement.
9. Rights of Data SubjectsData subjects have the right to:
9.1. Obtain information regarding the processing of their personal data and the purposes thereof
9.2. Access their personal data
9.3. Request clarification, blocking, deletion, or destruction of their data if it is inaccurate or unlawfully processed
9.4. Withdraw consent to data processing
9.5. File a complaint with Roskomnadzor or initiate legal proceedings in case of rights violations
10. Use of Cookies and Analytics10.1. The Operator uses cookies and analytics systems (including Yandex.Metrica, Google Analytics) to collect depersonalized data about website users.
10.2. Continued use of the website constitutes acceptance of these technologies.
10.3. Users may disable cookies in their browser settings; however, this may affect website functionality.
11. Data Security Measures11.1. The Operator takes legal, organizational, and technical measures to prevent unauthorized access, loss, alteration, or dissemination of personal data.
11.2. Security is ensured in accordance with regulatory requirements on information protection.
11.3. A Data Protection Officer has been appointed to oversee compliance.
12. Final Provisions12.1. This Policy is publicly available at:
https://fremad.ru/russia-travel/data-privacy-policy12.2. All updates to the Policy shall take effect upon publication at the specified address.
12.3. Questions or requests regarding the processing of personal data may be sent to:
info@fremad.ru