Baltic Shuttle OÜ Privacy Policy

Baltic Shuttle OÜ establishes the following rules for the processing of personal data when using its official website.

Definitions

Personal data Operator: Baltic Shuttle OÜ

Number in the register of legal entities: 12019051

Baltic Shuttle OÜ website: Baltic Shuttle OÜ's official information resource hosted on the Internet on the domain names balticshuttle.ee and balticshuttle.eu.

Address: Estonia, Tallinn, Kesklinna linnaosa, Tartu mnt 65-26, 10115

Subject of personal data: a natural person who intends to order and purchase, ordering and purchasing tickets or already using Baltic Shuttle OÜ services for the carriage of passengers in international traffic. The subject of personal data is also an individual, whose personal data the Operator receives from an agent providing the Subject of personal data with transport services for transportation, in regular international traffic, by means of Baltic Shuttle OÜ. Subjects of personal data include visitors to the Operator's website who transfer their personal data while receiving information about the services of Baltic Shuttle OÜ.

Processing of personal data: any action of the Operator or a set of actions of the Operator with the personal data of the Subject, performed with or without the use of automation tools. The processing of personal data includes: collection, recording, systematization, accumulation, storage, clarification (updating, changing), use, depersonalization, blocking, deletion, destruction in the Operator's information system.

General provisions

The use of the Baltic Shuttle OÜ website by the Subject means his consent to the content of this Privacy Policy and the processing of his personal data.

The collection of data about website visitors is carried out in accordance with the requirements of the current legal acts of the European Union and the Republic of Estonia. On the territory of the Russian Federation, the processing of personal data is carried out in the manner prescribed by the Federal Law of July 27, 2006 No. 152-FZ "On Personal Data".

Persons under the age of 16 cannot provide personal data through the Baltic Shuttle OÜ website. If you are a person under the age of 16, you must obtain the consent of your parents or other legal guardians before providing your personal information.

The privacy policy set forth in this document applies to personal data received before and after its publication.

The Operator reserves the right to make changes and additions to this Privacy Policy. The new version of the Privacy Policy comes into force from the moment it is posted on the website of Baltic Shuttle OÜ.

The website of Baltic Shuttle OÜ may use "cookies" for the purpose of its technical functioning without collecting personal data of website visitors.

Purpose of personal data processing

The Operator processes the personal data of the Subject for the purpose of concluding, executing and terminating the contract for the carriage of passengers, as well as in order to ensure the possibility of the subsequent use by the Operator of the personal data of the Subject when he re-applies for the services of the Operator. The processing of the personal data of the Subject is carried out when the passenger is issued a travel document - a ticket certifying, in accordance with the law, the conclusion of a contract for the carriage of a passenger.

The Operator processes the personal data of the Subject in order to inform him about the services of Baltic Shuttle OÜ and to provide access to the electronic self-ticketing system of the carrier Baltic Shuttle OÜ. The Operator processes the personal data of the Subject in order to fulfill the requirements of the legislation for passing border, customs, transport and other types of control when crossing the borders of states.

On international flights to the Russian Federation, the Operator processes the personal data of the Subject in order to comply with the requirements of the legislation of the Russian Federation on transport security and transfer the personal data of the Subject to the Unified State Information System for Transport Security.

Composition of personal data

In accordance with the stated purposes, the Operator processes the following personal data of the Subject:

  • first and last name
  • telephone
  • e-mail address
  • date of birth
  • gender
  • citizenship
  • citizenship document number

Collection, processing, storage, transfer and deletion of personal data

The Operator processes the personal data of the Subject through its information system, as well as information systems of third parties integrated with it in the following cases: when issuing a ticket to the Subject, making changes to it, canceling the ticket, making settlements with the Subject under the contract of carriage and informing him about the execution of the contract of carriage, when fulfilling the requirements of transport security, as well as during border and customs procedures. When processing the personal data of the Subject in order to provide services to him, it may be transmitted over the Internet through a secure connection in encrypted form.

The personal data of the Subject is used for the purpose of providing services to him by the Operator and for the purpose of informing about the services of the Operator.

The Operator stores the personal data of the Subject for ten years from the date of his last access to the services of the Operator. Personal data is stored for the purpose of their use in subsequent requests of the Subject and informing him about the services of the Operator. After the expiration of the specified period, the personal data of the Subject are deleted. In case of withdrawal of the consent of the Subject to the processing and storage of his personal data, the processing of personal data is terminated and they are deleted. To revoke consent to the processing and storage of personal data, the Subject must apply to the Operator in writing to the Operator's postal address.

When processing personal data, the Operator takes the necessary measures to protect personal data from unauthorized access to them, to ensure the confidentiality of storage and transfer of personal data of the Subject.

Personal data is not transferred to a third party, except in cases where services are provided to the Subject by a company partner of the Operator. In these cases, only that part of the personal information that is necessary for the provision of a particular service is transmitted.

Cross-border transfer of personal data to the authority or control of a foreign state is carried out when the mandatory requirements of local legislation are met, as well as at the request of a foreign authority that is mandatory for execution by the Operator.

Updating of personal data can be carried out when the Subject re-applies for the services of the Operator or when he personally applies, provided that the Subject of personal data is identified.