1382
правки
Изменения
Перейти к навигации
Перейти к поиску
м
→Data Storage Policy
We transfer personal data only to reliable partners using the secure protocols (for example, to international reservation systems).
We restrict access to personal data by means of password based authentication and secret codes.
Personal data is stored in encrypted form and only for the purposes of increasing the usability of the service. The data owner is provided with an opportunity to view, edit and delete personal data by means of the "private office" functionality.
To purchase as a natural person you do not need to create an account in the system. In this case, in order to get the access to your booking you have to enter a secret access code (a set of numbers and letters) that will be displayed on the order page and duplicated in an e-mail notification of successful booking. We do use cookies to store information about your device so you do not have to enter an access code each time you open an order page. In case you forgot or lost the access code and changed the device, you can restore access to the order by entering its number and last name of the first passenger. To ensure that the access code, the order number and the last name of the first passenger can not be brute forced, the system limits the number of attempts for data entry per unit of time.
If you create an account in our system, your orders will be tied to this account and displayed in your personal “private office”. We will also store personal data of the passengers that you have entered, so that you can reuse it when creating new orders. Nobody except you has the access to the passengers’ personal data stored in your personal “private office”. You can delete your account in your personal “private office”. In this case all personal data associated with your account, including your orders, will be deleted from the system.
Personal data related to orders is stored in an encrypted form. Only you and our company’s employees staff have the access to this data. Our employees staff use your personal data only for purposes of analysing and solving technical problems (for example, an error during the booking due to an unacceptable format of the data). Use of personal data for other purposes is prohibited by the nondisclosure agreement that is signed by each of our employees. Personal data from the orders will be deleted after the completion of the service execution time, after the end of the acceptable terms of exchanges and refunds for the services and after the end of the reporting period.
* one copy of your personal data (free of charge);
* detailed information about the companies (reservation systems), to which your personal data was or will be transferred, and the country of their location;
* any information related to the purposes and terms of processing of personal data, to the sources of obtain of obtaining your personal data (if it does not contradict the requirements of laws).
The system does not process personal data for the purposes of making automated decisions that can affect the order price or decisions restricting your rights as a subject of personal data.
|-
| Passengers data (private office)
| To re-enter personal data in automatically to the new orders
| Not transferred
| Unlimitedly in an encrypted form (until being removed by the user)
| Unlimitedly in an encrypted form (until the removal of the user), as a hash sum.
|}
===Cookie Policy===
Cookies are files with data related to our system and which are stored on the side of your device. You manage the stored data yourself and you can delete it at any time. It is not recommended to completely disable the cookies functionality as this can adversely affect the availability of the certain functionality of our system.
We use personal data from these files only for the purposes listed below.
'''Security features:'''
We identify your device and restrict unauthorized access to your personal data from any other devices. Because of this Thereby you can purchase tickets without creating an account in our system.
During the process of the authentication (at the moment when user enters username and password), we store your data through a unique session identifier stored in the cookie. So you do not need to re-enter your login and password each time you perform the operations on the website that require authorization.
We strive to improve our service, to increase its speed and make it more convenient for the customers.
We use cookies to collect anonymous analytical data in the Yandex.Metrica and Google Analytics systems for identifying to identify problematic and non-optimal webpages.
'''For effective and useful advertising:'''
2. Security of access to personal data by unregistered customers is provided through unique access codes or identification of the device of the customer (through a cookie).
3. Employees Staff of the companies that have access to personal data, sign a non-disclosure agreement and have to pass two-factor authentication.
4. During the process of transmission and storage (including backups) personal data is encrypted. To check the integrity of the encrypted data the checksum algorithm is used. Encryption algorithm: symmetric-key algorithm with 256-bit key and random initialization vector.
5. Secure storage of passwords (via hash-sums without the ability to restore the user's original password).
6. Passwords and access codes to personal data are protected from brute force selection.
